last executing test programs: 4.391201757s ago: executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) poll(0x0, 0x0, 0x64) pipe2$9p(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r1, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838) write$P9_RLERRORu(r1, 0x0, 0x0) rt_sigreturn() r2 = epoll_create(0x6) epoll_wait(r2, &(0x7f0000000000)=[{}], 0x1, 0x10001) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) close(r1) 4.338222864s ago: executing program 2: r0 = eventfd(0x1) openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) write$P9_RSETATTR(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system', 0x0, 0x0) r1 = socket(0x1, 0x3, 0x0) recvmsg$inet_nvme(r1, &(0x7f00000014c0)={&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, 0x0}, 0x0) close(r2) timer_settime(0x0, 0x0, 0x0, 0x0) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0x5450, 0x0) 3.82068826s ago: executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) 3.427804359s ago: executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x10042, 0x0) pwrite64(r0, &(0x7f0000000080)="1c", 0x1, 0x800b5eb) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1002000000006) membarrier(0x2, 0x0) 3.378459937s ago: executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x4}, 0xe) shutdown(r0, 0x0) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0xd, &(0x7f0000000500), 0x8) 3.071150577s ago: executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) r1 = socket(0xa, 0x6, 0x0) getsockopt$inet6_mreq(r1, 0x10d, 0x92, 0x0, &(0x7f0000000000)) 3.066499757s ago: executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000227bd7000754ac3740618ffdbdf25100000000500"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x8800) socket$nl_route(0x10, 0x3, 0x0) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) syz_open_procfs$namespace(0x0, 0xfffffffffffffffc) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1d, &(0x7f00000004c0)=0x80007fb, 0x4) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) socket$inet_dccp(0x2, 0x6, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f00000008c0)={'filter\x00', 0x6001, 0x4, 0x410, 0x240, 0x240, 0x130, 0x328, 0x328, 0x328, 0x4, 0x0, {[{{@uncond, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "81bef90cac9eefdb69381fea88eb84c2a41045b786fd0e44b3da4f4734c128dba969309a9161e795a0057e17b4de122c8534fa15d5180793535f687585b4aa49"}}}, {{@arp={@dev, @remote, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_vlan\x00', 'team_slave_0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@broadcast, @multicast2, @private}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x460) recvmmsg(r2, &(0x7f0000000840)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/23, 0x17}}], 0x400000000000078, 0x0, 0x0) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="850000002a000000840000000000000095000000000000001c7da1cc05e54f6522bea7a4464add365596f5d60c8efcfbe665f7a78d1848005c424fd98c6aeb25dbccb644c99ab18503e058e29d17d8e7f29f2e94debfd172af5bfb16c845d8ffef0d1bdef7ce95ace3d87726edc1b1c56fb5e8ab729d6a446f73de929e9d8947f3bf85bb696cec5a61425e21b0230d6e033f7d71a6f092a7771e828d72bbecb03a8d44dacd93ffa87280573fc6f3dea4adb03a60ba32b30e0cf16e094b0593327ee04ee46eff0681a2ec4595a91d3bed911976fdaf18efa5b4a162a43efd19da759a2d71fc0bb78ccbcaf6508ca32a417606e9ef0b8718b4087e2c26c468abb7030d13f86608bb51f8cfaad07117c869577b212fed47a2df1ae5a8849ddf12e89416a6e6ca3b09225f82aa575a113b58d6b55c7cdfe7a5a2d09872526d593e4e"], &(0x7f0000000180)='GPL\x00'}, 0x48) setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000000)=r4, 0x4) sendmsg$NFT_BATCH(r3, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003c80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140000000e0a00"/36], 0x3c}}, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @mss, @window={0x3, 0xfeff}, @sack_perm, @mss={0x2, 0x6}, @window={0x3, 0xfffe}], 0x6) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) sendto$inet(r1, &(0x7f0000000d40)="512691139c06666947d059c2c94b3fa191bcc97be4f4d4bdda5d594a09476a7ad17ca3608a7d0d928cad4cdb4344f7f3939d004927314ad9418a5ed6c13aaf8d054e107254e062ea07eb0dbc95f72ebd4d64fb94ee479b64c5cf01d59daed7882ee7ea639455996162b271dcd826858d006e11eeac2c76b5fcde40fd4b20e5c13b0deea4ccb27b7b1df6c5173d5f404db92b35d9ba93048c2b8167228fb061cb0e24ac052c82b25a00867e554b71eed5e0fa6c60fc62d9c39e51261b40746e5386724297ecbe6609867a8751090da69654f126125cff8275685dc4c2388a1816bfae5f595e90f55189b4cf5a2a0cf1a529f37792d4e2237b0ec768c36115c4f289d8c068b7be5cebf9277dda5b9b3089a4de1f9acfc3182627a2c2b6ffc260f6e731a426e721517b2456e873743dd66697d7187eac1e09cd6dfcec77679933791922946540f442359dbf4554eccba572def11da2b9ef7c8461f8ee530ef10a53d1ae5338ecc1cb78a6d1883d93ff5dc1910e6a962a543e9731257934e3f78f1673dfcb2f840ef19f4897879b25c00c1da14c77bd5d61a4171a5c508ec4adbab99272424b6d93a9a42cc63eb8f3b75d1f1e117b4d18e4377b52ac7ab6eaf8e26278bdc834198e437298da1a522a2ddc857f951a57c8613d38b5566563c24c6e8c582b94ddfff6ab390b7e7512d0c282cf9786aa6d851a56", 0x1f7, 0x400c0, 0x0, 0x0) r5 = socket$inet_sctp(0x2, 0x5, 0x84) r6 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={0x0}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f00000000c0)={r7}, &(0x7f0000000100)=0x14) 3.03960574s ago: executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000d00)=@mangle={'mangle\x00', 0x2, 0x6, 0x618, 0x338, 0x428, 0x0, 0x428, 0x338, 0x548, 0x548, 0x548, 0x548, 0x548, 0x6, 0x0, {[{{@ipv6={@mcast2, @mcast1, [], [], 'macvlan1\x00', 'erspan0\x00'}, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @HL={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2, [], [], 'syzkaller0\x00', 'team_slave_1\x00'}, 0x0, 0xd0, 0x108, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}}}}, {{@ipv6={@private2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], '\x00', 'bond_slave_0\x00'}, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @local, @empty}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x678) 2.985263605s ago: executing program 4: socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[], 0x84}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x48}}, 0x0) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @local}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000040)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f1400000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec001210000140020c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0xff0f0000}, 0x0) 2.859280675s ago: executing program 3: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a80)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x2}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x6}]}, 0x3c}}, 0x0) 2.619006472s ago: executing program 1: setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x8, 0x0, 0xfffffffd) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = socket$can_j1939(0x1d, 0x2, 0x7) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) getsockopt$inet_dccp_buf(r1, 0x21, 0xc0, &(0x7f0000000280)=""/158, &(0x7f00000001c0)=0x9e) sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000000000000f00000005002e005500000008000300", @ANYRES32=r4], 0x5c}}, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="000228bd7000fcdbdf25060000000800390066000000444a8027b20c8a663d3f20a77b4bc546f00a2bcc113cb5bb277f2c47d140adcc381739c57832b0f5c7af7e81ebe92c062bf00ddd57a094a0718d2de21664184e41149d3ed6813550a25b16e9a9744f29c2c9fe144d556fbd403a4589f97d0e5bca29d1163f3ae50b5412ec1bf6b9064e4eeae22eb7092e77c683444d6a4f34c50a55c2fa64369d0278759c632105379c24057276e653bcb65f682b33c1b068150583a8f3a3c299baaca9e25c486050f698a92f3c46e535b9"], 0x1c}}, 0x20044040) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000011c0)={'vxcan1\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r5, 0x4, {0x0, 0x1, 0x2}, 0x2}, 0x18) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000100)=0x8) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r8 = openat$cgroup_ro(r7, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0) write$tun(r8, &(0x7f00000001c0)={@val, @val, @llc={@llc={0x0, 0x0, 'z'}}}, 0x11) preadv(r8, &(0x7f0000000040)=[{&(0x7f0000000140)=""/65, 0x41}], 0x1, 0x2, 0x0) r9 = socket$inet6_sctp(0xa, 0x0, 0x84) shutdown(r9, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r9, 0x84, 0x18, &(0x7f0000000480)={r10}, &(0x7f0000000180)=0x8) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x5, 0xffff, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, r8, 0x5}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1}, 0x48) 2.599476085s ago: executing program 0: r0 = socket$inet6(0xa, 0x3, 0x5) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)=',', 0x1}], 0x1}, 0xc9c0) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000100)='_', 0x1}], 0x1) 2.5504733s ago: executing program 2: socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) write$binfmt_script(r1, 0x0, 0xfffffe5d) getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r2, @ANYBLOB="01ff00e1c2ed00001c0012000c000100626f6e64"], 0x3c}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @rand_addr=0x64010101}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x40}}, 0x0) getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14) r5 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100767469000c00028008000500e000000208000a00", @ANYRES32=r4], 0x40}}, 0x0) 2.374512578s ago: executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) write(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x3c1, 0x3, 0x290, 0x0, 0x150, 0x150, 0xd0, 0x90a, 0x1c0, 0x238, 0x238, 0x1c0, 0x238, 0xf, 0x0, {[{{@uncond, 0x500, 0xa8, 0xd0}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x0, 0x8}}}}, {{@ipv6={@remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'dvmrp0\x00', 'netpci0\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f0) 2.158376853s ago: executing program 0: socket(0x10, 0x3, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$nl_netfilter(0x10, 0x3, 0xc) socket$netlink(0x10, 0x3, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) socket$inet(0x2, 0x0, 0x0) ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000440)={{0x2, 0x4e22, @multicast2}, {0x6, @local}, 0x14, {0x2, 0x4e22, @broadcast}, 'caif0\x00'}) socket$l2tp(0x2, 0x2, 0x73) pipe(&(0x7f0000000100)) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x6c, 0x10, 0x609, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc}, @IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8}, @IFLA_ADDRESS={0xa, 0x1, @dev}, @IFLA_MTU={0x8}]}, 0x6c}}, 0x0) 1.953758403s ago: executing program 4: r0 = socket$nl_rdma(0x10, 0x3, 0x14) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000000000)=0x3, 0x4) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001b00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r1}, &(0x7f0000001c00), &(0x7f0000001c40)=r2}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000009c0)={r3, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.726108604s ago: executing program 3: r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r3], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x38, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pie={{0x8}, {0xc, 0x2, [@TCA_PIE_TARGET={0x8}]}}]}, 0x38}}, 0x0) 1.225798577s ago: executing program 4: socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="85000000ad00000066"], 0x0}, 0x90) socket$nl_route(0x10, 0x3, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801}) write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="65217d09d904"], 0xffdd) 1.17034806s ago: executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x4}, 0xe) shutdown(r0, 0x0) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0xd, &(0x7f0000000500), 0x8) 1.120326234s ago: executing program 1: getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="000429bddbdf25"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="185e79e3f744f00000ecffffff00000000000000000062010a00000000009500000000000000ebe3d77af8568b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) 1.05012877s ago: executing program 3: socket$alg(0x26, 0x5, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x304}, "41328ac34a4ad2ba", "e8582491a0c4050000000000f6542a9b6800000000000000003967d2daa45b4e", "61241765", "dfa27021fe106750"}, 0x38) writev(r0, &(0x7f0000002fc0)=[{&(0x7f00000000c0)="14", 0x1}], 0x1) setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000040), 0x4) 684.798484ms ago: executing program 2: bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000340)="07000000010000", 0x7) 679.353962ms ago: executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc) bind$netlink(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc) r3 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r3, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc) r4 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r4, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc) r5 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r5, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x4140045e}, 0xc) r6 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r6, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc) r7 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r7, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x400}, 0xc) r8 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r8, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc) r9 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r9, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc) r10 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r10, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc) r11 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r11, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc) r12 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r12, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc) bind$netlink(r1, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x80020000}, 0x48) r13 = socket$netlink(0x10, 0x3, 0x4) writev(r13, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1) 597.830293ms ago: executing program 4: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a80)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x2}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x6}]}, 0x3c}}, 0x0) 565.351272ms ago: executing program 3: r0 = socket(0x10, 0x803, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x331}, {&(0x7f0000000280)=""/85, 0x5c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x596}, {&(0x7f00000007c0)=""/154, 0x33}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 425.698037ms ago: executing program 1: socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[], 0x84}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x48}}, 0x0) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @local}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000040)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f1400000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec001210000140020c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0xff0f0000}, 0x0) 238.188696ms ago: executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) write(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x3c1, 0x3, 0x290, 0x0, 0x150, 0x150, 0xd0, 0x90a, 0x1c0, 0x238, 0x238, 0x1c0, 0x238, 0xf, 0x0, {[{{@uncond, 0x500, 0xa8, 0xd0}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x0, 0x8}}}}, {{@ipv6={@remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'dvmrp0\x00', 'netpci0\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f0) 197.780656ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x14, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000646c6c2500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000001800010000000000000000001d01000008000a00", @ANYRES32, @ANYBLOB='\b\x00\t\x00', @ANYRES32], 0x24}}, 0x0) 39.700619ms ago: executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) write$binfmt_script(r1, 0x0, 0xfffffe5d) getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r2, @ANYBLOB="01ff00e1c2ed00001c0012000c000100626f6e64"], 0x3c}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @rand_addr=0x64010101}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x40}}, 0x0) getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14) r5 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100767469000c00028008000500e000000208000a00", @ANYRES32=r4], 0x40}}, 0x0) 0s ago: executing program 3: socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) write$binfmt_script(r1, 0x0, 0xfffffe5d) getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r2, @ANYBLOB="01ff00e1c2ed00001c0012000c000100626f6e64"], 0x3c}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @rand_addr=0x64010101}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x40}}, 0x0) getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14) r5 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100767469000c00028008000500e000000208000a00", @ANYRES32=r4], 0x40}}, 0x0) kernel console output (not intermixed with test programs): ed op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1269625548/syzkaller.YMMcXq/27/file1" dev="sda1" ino=1964 res=1 errno=0 [ 621.800460][ T8649] bcachefs (loop4): done starting filesystem [ 621.919994][ T8290] bcachefs (loop4): shutting down [ 621.934055][ T8290] bcachefs (loop4): going read-only [ 621.939467][ T8290] bcachefs (loop4): finished waiting for writes to stop [ 621.984268][ T8290] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 622.004406][ T5085] Bluetooth: hci3: unexpected event for opcode 0x2041 [ 622.004877][ T8290] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10 [ 622.088823][ T8290] bcachefs (loop4): shutdown complete, journal seq 11 [ 622.096584][ T8290] bcachefs (loop4): marking filesystem clean [ 622.212771][ T8290] bcachefs (loop4): shutdown complete [ 622.394669][ T8650] loop2: detected capacity change from 0 to 2048 [ 622.449740][ T8650] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 622.477967][ T8650] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 622.486347][ T8650] UDF-fs: Scanning with blocksize 512 failed [ 622.596128][ T8650] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 622.694733][ T8650] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 622.778702][ T8650] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 622.787413][ T8650] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 622.795927][ T8650] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'. [ 622.821817][ C0] cm109 3-1:0.8: cm109_urb_irq_callback: urb status -71 [ 622.831838][ T5128] usb 3-1: USB disconnect, device number 18 [ 622.841868][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 622.849089][ C0] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 622.878377][ T5128] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 622.992858][ T4722] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 623.241776][ T4722] usb 2-1: Using ep0 maxpacket: 32 [ 623.304848][ T781] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 623.373945][ T4722] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 623.385332][ T4722] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 623.539084][ T4722] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 623.548621][ T4722] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 623.557392][ T4722] usb 2-1: Product: syz [ 623.562025][ T4722] usb 2-1: Manufacturer: syz [ 623.597263][ T781] usb 1-1: Using ep0 maxpacket: 8 [ 623.686321][ T4722] hub 2-1:4.0: USB hub found [ 623.773765][ T781] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 623.781986][ T781] usb 1-1: can't read configurations, error -61 [ 623.954724][ T4722] hub 2-1:4.0: 2 ports detected [ 624.012031][ T781] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 624.049513][ T8686] loop3: detected capacity change from 0 to 128 [ 624.284723][ T781] usb 1-1: Using ep0 maxpacket: 8 [ 624.457128][ T781] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 624.465238][ T781] usb 1-1: can't read configurations, error -61 [ 624.477665][ T781] usb usb1-port1: attempt power cycle [ 624.660411][ T8673] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 624.670290][ T8673] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 624.781031][ T4722] usb 2-1: USB disconnect, device number 14 [ 624.898041][ T781] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 624.972029][ T5128] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 625.032688][ T781] usb 1-1: Using ep0 maxpacket: 8 [ 625.212847][ T781] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 625.220859][ T781] usb 1-1: can't read configurations, error -61 [ 625.242863][ T5128] usb 5-1: Using ep0 maxpacket: 32 [ 625.380982][ T5128] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 625.393013][ T5128] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 625.406094][ T5128] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 625.417874][ T5128] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 625.452745][ T781] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 625.475705][ T5128] usb 5-1: config 0 descriptor?? [ 625.522646][ T5128] hub 5-1:0.0: USB hub found [ 625.542860][ T781] usb 1-1: Using ep0 maxpacket: 8 [ 625.606880][ T8705] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 625.646605][ T29] audit: type=1804 audit(1717028641.594:14): pid=8703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1269625548/syzkaller.YMMcXq/29/file1" dev="sda1" ino=1953 res=1 errno=0 [ 625.823210][ T8693] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 625.835085][ T8693] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 626.438980][ T8706] loop2: detected capacity change from 0 to 32768 [ 626.465177][ T5128] hub 5-1:0.0: 1 port detected [ 626.474046][ T781] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 626.482352][ T781] usb 1-1: can't read configurations, error -71 [ 626.493550][ T781] usb usb1-port1: unable to enumerate USB device [ 626.662115][ T8706] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 626.676687][ T8706] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 626.821120][ T8693] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 626.827946][ T8693] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 626.836581][ T8693] vhci_hcd vhci_hcd.0: Device attached [ 626.966659][ T8706] bcachefs (loop2): alloc_read... done [ 626.973329][ T8706] bcachefs (loop2): stripes_read... done [ 626.983546][ T8706] bcachefs (loop2): snapshots_read... done [ 627.003788][ T8706] bcachefs (loop2): journal_replay... done [ 627.009963][ T8706] bcachefs (loop2): resume_logged_ops... done [ 627.016845][ T8706] bcachefs (loop2): going read-write [ 627.024897][ T43] hub 5-1:0.0: activate --> -90 [ 627.111413][ T8706] bcachefs (loop2): done starting filesystem [ 627.232654][ T4722] usb 17-1: new high-speed USB device number 2 using vhci_hcd [ 627.262386][ T6917] bcachefs (loop2): shutting down [ 627.267649][ T6917] bcachefs (loop2): going read-only [ 627.273260][ T6917] bcachefs (loop2): finished waiting for writes to stop [ 627.322337][ T6917] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10 [ 627.337478][ T6917] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10 [ 627.373954][ T6917] bcachefs (loop2): shutdown complete, journal seq 11 [ 627.381491][ T6917] bcachefs (loop2): marking filesystem clean [ 627.439061][ T6917] bcachefs (loop2): shutdown complete [ 627.512225][ T781] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 627.520586][ T8721] vhci_hcd: connection reset by peer [ 627.532572][ T5128] usb 5-1: USB disconnect, device number 7 [ 627.542480][ T11] vhci_hcd: stop threads [ 627.546912][ T11] vhci_hcd: release socket [ 627.551823][ T11] vhci_hcd: disconnect device [ 627.776258][ T781] usb 4-1: Using ep0 maxpacket: 16 [ 627.912744][ T781] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 627.921141][ T781] usb 4-1: config 0 has no interface number 0 [ 627.928002][ T781] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 628.076067][ T781] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 628.085690][ T781] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 628.094133][ T781] usb 4-1: Product: syz [ 628.098515][ T781] usb 4-1: SerialNumber: syz [ 628.138606][ T781] usb 4-1: config 0 descriptor?? [ 628.223736][ T781] cm109 4-1:0.8: invalid payload size 160, expected 4 [ 628.233297][ T781] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input7 [ 628.533442][ T8741] loop0: detected capacity change from 0 to 128 [ 628.870522][ T8728] loop3: detected capacity change from 0 to 2048 [ 628.930089][ T8728] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 628.970310][ T8728] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 628.978838][ T8728] UDF-fs: Scanning with blocksize 512 failed [ 629.084308][ T8728] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 629.313496][ T8728] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 629.384583][ T8728] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 629.393344][ T8728] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 629.408730][ T8728] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.3'. [ 629.422132][ T10] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 629.487050][ T781] usb 4-1: USB disconnect, device number 13 [ 629.543699][ T781] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 629.672160][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 629.728374][ T8746] netlink: 16166 bytes leftover after parsing attributes in process `syz-executor.2'. [ 629.797418][ T10] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 629.808839][ T10] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 629.857762][ T8746] loop2: detected capacity change from 0 to 128 [ 629.900011][ T8746] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 629.998725][ T10] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 630.008347][ T10] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 630.022710][ T10] usb 5-1: Product: syz [ 630.027129][ T10] usb 5-1: Manufacturer: syz [ 630.134307][ T29] audit: type=1804 audit(1717028646.064:15): pid=8748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2377494660/syzkaller.7wOByd/101/file1" dev="sda1" ino=1967 res=1 errno=0 [ 630.171805][ T10] hub 5-1:4.0: USB hub found [ 630.381318][ T10] hub 5-1:4.0: 2 ports detected [ 631.167378][ T8744] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 631.176556][ T8744] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 631.741849][ T8755] loop2: detected capacity change from 0 to 40427 [ 631.787054][ T8755] F2FS-fs (loop2): invalid crc value [ 631.812966][ T10] usb 5-1: USB disconnect, device number 8 [ 631.834440][ T8755] F2FS-fs (loop2): Found nat_bits in checkpoint [ 632.146157][ T8755] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 632.161432][ T8767] loop1: detected capacity change from 0 to 256 [ 632.211982][ T5966] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 632.290047][ T8767] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 632.419980][ T4722] vhci_hcd: vhci_device speed not set [ 632.452257][ T6917] syz-executor.2: attempt to access beyond end of device [ 632.452257][ T6917] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 632.525690][ T5966] usb 4-1: Using ep0 maxpacket: 8 [ 632.685410][ T5966] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 632.693410][ T5966] usb 4-1: can't read configurations, error -61 [ 633.199556][ T5966] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 633.268524][ T8774] loop1: detected capacity change from 0 to 256 [ 633.482045][ T5966] usb 4-1: Using ep0 maxpacket: 8 [ 633.539600][ T8774] mmap: syz-executor.1 (8774) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 634.016280][ T5966] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 634.024393][ T5966] usb 4-1: can't read configurations, error -71 [ 634.143113][ T5966] usb usb4-port1: attempt power cycle [ 634.358079][ T8777] loop4: detected capacity change from 0 to 32768 [ 634.582443][ T8777] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 634.597157][ T8777] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 634.752443][ T8777] bcachefs (loop4): alloc_read... done [ 634.758315][ T8777] bcachefs (loop4): stripes_read... done [ 634.764476][ T8777] bcachefs (loop4): snapshots_read... done [ 634.782820][ T8777] bcachefs (loop4): journal_replay... done [ 634.789064][ T8777] bcachefs (loop4): resume_logged_ops... done [ 634.795780][ T8777] bcachefs (loop4): going read-write [ 634.860735][ T8777] bcachefs (loop4): done starting filesystem [ 634.924946][ T5966] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 635.054505][ T5966] usb 4-1: Using ep0 maxpacket: 32 [ 635.074636][ T8290] bcachefs (loop4): shutting down [ 635.083676][ T8290] bcachefs (loop4): going read-only [ 635.089084][ T8290] bcachefs (loop4): finished waiting for writes to stop [ 635.108913][ T8290] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 635.119643][ T8290] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10 [ 635.133881][ T5128] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 635.171171][ T8290] bcachefs (loop4): shutdown complete, journal seq 11 [ 635.178805][ T8290] bcachefs (loop4): marking filesystem clean [ 635.193894][ T5966] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 635.205342][ T5966] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 635.215609][ T5966] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 635.225241][ T5966] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 635.274953][ T5966] usb 4-1: config 0 descriptor?? [ 635.323024][ T8290] bcachefs (loop4): shutdown complete [ 635.333938][ T5966] hub 4-1:0.0: USB hub found [ 635.466618][ T5128] usb 2-1: Using ep0 maxpacket: 16 [ 635.590898][ T8779] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 635.600916][ T8779] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 635.623121][ T5128] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 635.631836][ T5128] usb 2-1: config 0 has no interface number 0 [ 635.638183][ T5128] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 635.739617][ T5966] hub 4-1:0.0: 1 port detected [ 635.747815][ T8795] netlink: 16166 bytes leftover after parsing attributes in process `syz-executor.0'. [ 635.797560][ T5128] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 635.807271][ T5128] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 635.816167][ T5128] usb 2-1: Product: syz [ 635.820567][ T5128] usb 2-1: SerialNumber: syz [ 635.892187][ T5128] usb 2-1: config 0 descriptor?? [ 635.931493][ T8795] loop0: detected capacity change from 0 to 128 [ 635.959699][ T5128] cm109 2-1:0.8: invalid payload size 160, expected 4 [ 635.970064][ T5128] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input8 [ 635.999364][ T8795] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 636.475514][ T8779] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 636.482330][ T8779] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 636.490670][ T8779] vhci_hcd vhci_hcd.0: Device attached [ 636.612015][ T5966] hub 4-1:0.0: activate --> -90 [ 636.812129][ T5128] usb 15-1: new high-speed USB device number 2 using vhci_hcd [ 636.831261][ T8788] loop1: detected capacity change from 0 to 2048 [ 636.952390][ T8788] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 636.972919][ T8788] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 636.983689][ T8788] UDF-fs: Scanning with blocksize 512 failed [ 637.016582][ T8800] vhci_hcd: connection reset by peer [ 637.024624][ T3898] vhci_hcd: stop threads [ 637.025008][ T781] usb 4-1: USB disconnect, device number 16 [ 637.028971][ T3898] vhci_hcd: release socket [ 637.029090][ T3898] vhci_hcd: disconnect device [ 637.104138][ T8788] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 637.243095][ T8788] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 637.318424][ T8788] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 637.327200][ T8788] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 637.335784][ T8788] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.1'. [ 637.431849][ C1] cm109 2-1:0.8: cm109_urb_irq_callback: urb status -71 [ 637.448244][ T29] audit: type=1804 audit(1717028653.364:16): pid=8806 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3193893091/syzkaller.VsMtvh/10/file1" dev="sda1" ino=1960 res=1 errno=0 [ 637.448492][ T43] usb 2-1: USB disconnect, device number 15 [ 637.473892][ C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 637.474022][ C1] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 637.573099][ T43] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 637.691956][ T10] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 637.962158][ T10] usb 1-1: Using ep0 maxpacket: 32 [ 638.093302][ T10] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 638.111407][ T10] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 638.257875][ T8816] loop4: detected capacity change from 0 to 256 [ 638.277913][ T10] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 638.287692][ T10] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 638.296501][ T10] usb 1-1: Product: syz [ 638.300906][ T10] usb 1-1: Manufacturer: syz [ 638.406874][ T8816] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 638.447384][ T10] hub 1-1:4.0: USB hub found [ 638.718806][ T10] hub 1-1:4.0: 2 ports detected [ 638.921984][ T43] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 639.077975][ T8823] loop3: detected capacity change from 0 to 256 [ 639.184230][ T43] usb 2-1: Using ep0 maxpacket: 8 [ 639.221721][ T8825] loop4: detected capacity change from 0 to 256 [ 639.356708][ T43] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 639.364957][ T43] usb 2-1: can't read configurations, error -61 [ 639.389626][ T8810] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 639.398838][ T8810] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 639.573064][ T43] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 639.573397][ T10] usb 1-1: USB disconnect, device number 31 [ 639.834630][ T43] usb 2-1: Using ep0 maxpacket: 8 [ 640.002215][ T43] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 640.010188][ T43] usb 2-1: can't read configurations, error -61 [ 640.029529][ T43] usb usb2-port1: attempt power cycle [ 640.128927][ T8832] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 640.340611][ T8834] netlink: 16166 bytes leftover after parsing attributes in process `syz-executor.4'. [ 640.452882][ T8834] loop4: detected capacity change from 0 to 128 [ 640.482368][ T43] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 640.492634][ T8834] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 640.583007][ T29] audit: type=1804 audit(1717028656.504:17): pid=8840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir4105278253/syzkaller.y1cX1s/99/file1" dev="sda1" ino=1966 res=1 errno=0 [ 640.618596][ T43] usb 2-1: Using ep0 maxpacket: 8 [ 640.712311][ T781] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 640.803741][ T43] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 640.811823][ T43] usb 2-1: can't read configurations, error -61 [ 640.879278][ T8844] loop3: detected capacity change from 0 to 1024 [ 640.897949][ T8844] EXT4-fs (loop3): blocks per group (131072) and clusters per group (8192) inconsistent [ 640.982775][ T781] usb 1-1: Using ep0 maxpacket: 32 [ 641.019013][ T43] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 641.138971][ T43] usb 2-1: Using ep0 maxpacket: 8 [ 641.162694][ T781] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 641.174872][ T781] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 641.187519][ T781] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 641.197783][ T781] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 641.252402][ T781] usb 1-1: config 0 descriptor?? [ 641.302217][ T5955] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 641.314070][ T781] hub 1-1:0.0: USB hub found [ 641.384725][ T43] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 641.392723][ T43] usb 2-1: can't read configurations, error -61 [ 641.416225][ T43] usb usb2-port1: unable to enumerate USB device [ 641.496761][ T8852] loop3: detected capacity change from 0 to 256 [ 641.525173][ T8839] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 641.534462][ T8839] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 641.556838][ T5955] usb 3-1: Using ep0 maxpacket: 16 [ 641.572256][ T781] hub 1-1:0.0: 1 port detected [ 641.629948][ T8852] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 641.716700][ T5955] usb 3-1: config 0 has an invalid interface number: 8 but max is 0 [ 641.725701][ T5955] usb 3-1: config 0 has no interface number 0 [ 641.732726][ T5955] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 641.892549][ T5955] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 641.904552][ T5955] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 641.915319][ T5955] usb 3-1: Product: syz [ 641.919721][ T5955] usb 3-1: SerialNumber: syz [ 641.942219][ T5128] vhci_hcd: vhci_device speed not set [ 641.959693][ T5955] usb 3-1: config 0 descriptor?? [ 641.980538][ T8857] loop1: detected capacity change from 0 to 256 [ 642.023743][ T5955] cm109 3-1:0.8: invalid payload size 160, expected 4 [ 642.033300][ T5955] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input9 [ 642.275773][ T8839] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 642.282584][ T8839] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 642.291134][ T8839] vhci_hcd vhci_hcd.0: Device attached [ 642.323454][ T5084] Bluetooth: hci3: unexpected event for opcode 0x2041 [ 642.372661][ T5955] hub 1-1:0.0: activate --> -90 [ 642.461470][ T8863] loop3: detected capacity change from 0 to 256 [ 642.634041][ T5966] usb 9-1: new high-speed USB device number 2 using vhci_hcd [ 642.824995][ T8847] loop2: detected capacity change from 0 to 2048 [ 642.827846][ T8862] vhci_hcd: connection reset by peer [ 642.839146][ T781] usb 1-1: USB disconnect, device number 32 [ 642.845996][ T11] vhci_hcd: stop threads [ 642.850527][ T11] vhci_hcd: release socket [ 642.855273][ T11] vhci_hcd: disconnect device [ 642.889519][ T8847] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 642.929521][ T8847] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 642.937718][ T8847] UDF-fs: Scanning with blocksize 512 failed [ 643.052990][ T8847] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 643.283780][ T8847] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 643.350271][ T8847] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 643.359080][ T8847] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 643.367699][ T8847] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'. [ 643.423535][ T781] usb 3-1: USB disconnect, device number 19 [ 643.452993][ T8872] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 643.471223][ T781] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 643.672287][ T5955] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 643.885495][ T29] audit: type=1804 audit(1717028659.804:18): pid=8876 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1269625548/syzkaller.YMMcXq/39/file1" dev="sda1" ino=1962 res=1 errno=0 [ 643.945362][ T5955] usb 4-1: Using ep0 maxpacket: 32 [ 644.123562][ T5955] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 644.135090][ T5955] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 644.317634][ T5955] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 644.327732][ T5955] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 644.336542][ T5955] usb 4-1: Product: syz [ 644.340946][ T5955] usb 4-1: Manufacturer: syz [ 644.450565][ T5955] hub 4-1:4.0: USB hub found [ 644.690418][ T5955] hub 4-1:4.0: 2 ports detected [ 644.695925][ T10] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 644.749379][ T8859] loop4: detected capacity change from 0 to 32768 [ 644.775087][ T8859] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (8859) [ 644.800231][ T8859] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 644.802013][ T781] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 644.811856][ T8859] BTRFS info (device loop4): using sha256 (sha256-generic) checksum algorithm [ 644.829622][ T8859] BTRFS info (device loop4): using free-space-tree [ 644.837353][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR [ 644.838779][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR [ 644.848922][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR [ 644.859293][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 644.876881][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 644.888780][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 644.898849][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 644.908878][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 644.919376][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 644.929284][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 644.939845][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 644.950989][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 644.962102][ T8859] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 644.999973][ T8859] BTRFS error (device loop4): open_ctree failed [ 645.091782][ T781] usb 2-1: Using ep0 maxpacket: 8 [ 645.244667][ T781] usb 2-1: config 0 has an invalid descriptor of length 132, skipping remainder of the config [ 645.255859][ T781] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 645.256667][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 645.282256][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 645.294265][ T10] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 645.303800][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 645.393949][ T781] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 645.403819][ T781] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 645.412401][ T781] usb 2-1: SerialNumber: syz [ 645.467762][ T781] usb 2-1: config 0 descriptor?? [ 645.487905][ T10] usb 1-1: config 0 descriptor?? [ 645.550408][ T8871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 645.559825][ T8871] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 645.702851][ T5955] usb 4-1: USB disconnect, device number 17 [ 645.773336][ T4722] usb 2-1: USB disconnect, device number 20 [ 646.027559][ T10] konepure 0003:1E7D:2DB4.0006: unknown main item tag 0x0 [ 646.067312][ T10] konepure 0003:1E7D:2DB4.0006: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.0-1/input0 [ 646.170064][ T8912] loop4: detected capacity change from 0 to 256 [ 646.280037][ T10] usb 1-1: USB disconnect, device number 33 [ 646.351041][ T8912] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 647.124739][ T10] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 647.383704][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 647.438038][ T8929] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 647.513666][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 647.524999][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 647.540927][ T10] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 647.552189][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 647.581879][ T5960] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 647.602904][ T10] usb 4-1: config 0 descriptor?? [ 647.645539][ T10] hub 4-1:0.0: USB hub found [ 647.780530][ T5966] vhci_hcd: vhci_device speed not set [ 647.874241][ T8920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 647.882992][ T5960] usb 1-1: Using ep0 maxpacket: 16 [ 647.883430][ T8920] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 648.007938][ T5960] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 648.016836][ T5960] usb 1-1: config 0 has no interface number 0 [ 648.023374][ T5960] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 648.044453][ T10] hub 4-1:0.0: 1 port detected [ 648.182782][ T29] audit: type=1804 audit(1717028664.124:19): pid=8935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir4105278253/syzkaller.y1cX1s/106/file1" dev="sda1" ino=1964 res=1 errno=0 [ 648.224145][ T5960] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 648.233801][ T5960] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 648.248281][ T5960] usb 1-1: Product: syz [ 648.254655][ T5960] usb 1-1: SerialNumber: syz [ 648.283406][ T5960] usb 1-1: config 0 descriptor?? [ 648.354424][ T5960] cm109 1-1:0.8: invalid payload size 160, expected 4 [ 648.366038][ T5960] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input10 [ 648.546413][ T5084] Bluetooth: hci1: unexpected event for opcode 0x2041 [ 648.672352][ T8920] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 648.679164][ T8920] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 648.687437][ T8920] vhci_hcd vhci_hcd.0: Device attached [ 648.753375][ T10] hub 4-1:0.0: activate --> -90 [ 649.011956][ T5960] usb 15-1: new high-speed USB device number 3 using vhci_hcd [ 649.092843][ T8926] loop0: detected capacity change from 0 to 2048 [ 649.132475][ T8926] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 649.159136][ T8926] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 649.170138][ T8926] UDF-fs: Scanning with blocksize 512 failed [ 649.207382][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 649.214203][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 [ 649.250816][ T5955] usb 4-1: USB disconnect, device number 18 [ 649.252756][ T8938] vhci_hcd: connection reset by peer [ 649.270425][ T3898] vhci_hcd: stop threads [ 649.276482][ T3898] vhci_hcd: release socket [ 649.281111][ T3898] vhci_hcd: disconnect device [ 649.327766][ T8926] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 649.491702][ T8926] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 649.561845][ C0] cm109 1-1:0.8: cm109_urb_irq_callback: urb status -71 [ 649.581776][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 649.590133][ T10] usb 1-1: USB disconnect, device number 34 [ 649.601803][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 649.609006][ C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 649.644950][ T10] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 650.172862][ T8931] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 650.261995][ T5128] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 650.353086][ T4722] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 650.542265][ T5128] usb 3-1: Using ep0 maxpacket: 8 [ 650.616809][ T4722] usb 4-1: Using ep0 maxpacket: 32 [ 650.650048][ T8952] loop0: detected capacity change from 0 to 256 [ 650.704270][ T5128] usb 3-1: config 0 has an invalid descriptor of length 132, skipping remainder of the config [ 650.708524][ T8952] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 650.714788][ T5128] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 650.772659][ T4722] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 650.784133][ T4722] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 650.827505][ T5128] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 650.837255][ T5128] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 650.845771][ T5128] usb 3-1: SerialNumber: syz [ 650.904305][ T5128] usb 3-1: config 0 descriptor?? [ 650.955209][ T4722] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 650.965111][ T4722] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 650.973915][ T4722] usb 4-1: Product: syz [ 650.978304][ T4722] usb 4-1: Manufacturer: syz [ 651.074201][ T4722] hub 4-1:4.0: USB hub found [ 651.182215][ T10] usb 3-1: USB disconnect, device number 20 [ 651.277187][ T4722] hub 4-1:4.0: 2 ports detected [ 651.603849][ T5966] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 652.004244][ T5966] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 652.015768][ T5966] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 652.026057][ T5966] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 652.041259][ T5966] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 652.056837][ T8950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 652.065982][ T8950] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 652.088204][ T8958] loop1: detected capacity change from 0 to 32768 [ 652.152756][ T5966] usb 1-1: config 0 descriptor?? [ 652.248070][ T8958] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 652.262385][ T8958] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 652.365209][ T4722] usb 4-1: USB disconnect, device number 19 [ 652.470707][ T8958] bcachefs (loop1): alloc_read... done [ 652.476795][ T8958] bcachefs (loop1): stripes_read... done [ 652.482928][ T8958] bcachefs (loop1): snapshots_read... done [ 652.500915][ T8958] bcachefs (loop1): journal_replay... done [ 652.507204][ T8958] bcachefs (loop1): resume_logged_ops... done [ 652.513934][ T8958] bcachefs (loop1): going read-write [ 652.541935][ T8958] bcachefs (loop1): done starting filesystem [ 652.677758][ T8969] loop2: detected capacity change from 0 to 2048 [ 652.688262][ T5966] konepure 0003:1E7D:2DB4.0007: unknown main item tag 0x0 [ 652.772777][ T5966] konepure 0003:1E7D:2DB4.0007: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.0-1/input0 [ 652.782160][ T8969] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 652.797110][ T8969] ext4 filesystem being mounted at /root/syzkaller-testdir4105278253/syzkaller.y1cX1s/110/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 652.877321][ T7824] bcachefs (loop1): shutting down [ 652.882809][ T7824] bcachefs (loop1): going read-only [ 652.888205][ T7824] bcachefs (loop1): finished waiting for writes to stop [ 652.943315][ T29] audit: type=1804 audit(1717028668.874:20): pid=8967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir4105278253/syzkaller.y1cX1s/110/bus/file0/file0" dev="loop2" ino=13 res=1 errno=0 [ 652.963591][ T5128] usb 1-1: USB disconnect, device number 35 [ 653.022373][ T7824] bcachefs (loop1): flushing journal and stopping allocators, journal seq 10 [ 653.031478][ T7824] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 10 [ 653.037863][ T6917] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 653.088298][ T7824] bcachefs (loop1): shutdown complete, journal seq 11 [ 653.096136][ T7824] bcachefs (loop1): marking filesystem clean [ 653.237119][ T7824] bcachefs (loop1): shutdown complete [ 653.392582][ T8982] fuse: Bad value for 'max_read' [ 654.058569][ T8997] loop4: detected capacity change from 0 to 256 [ 654.162188][ T5960] vhci_hcd: vhci_device speed not set [ 654.293408][ T5955] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 654.308272][ T8997] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 654.581407][ T5955] usb 4-1: Using ep0 maxpacket: 16 [ 654.715485][ T5955] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 654.723944][ T5955] usb 4-1: config 0 has no interface number 0 [ 654.730295][ T5955] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 654.742523][ T5128] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 654.912848][ T5955] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 654.922349][ T5955] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 654.930686][ T5955] usb 4-1: Product: syz [ 654.935192][ T5955] usb 4-1: SerialNumber: syz [ 654.982134][ T5955] usb 4-1: config 0 descriptor?? [ 655.022496][ T5128] usb 1-1: Using ep0 maxpacket: 8 [ 655.044692][ T5955] cm109 4-1:0.8: invalid payload size 160, expected 4 [ 655.054054][ T5955] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input11 [ 655.172673][ T5128] usb 1-1: config 0 has an invalid descriptor of length 132, skipping remainder of the config [ 655.183600][ T5128] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 655.332387][ T5128] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 655.342386][ T5128] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 655.350824][ T5128] usb 1-1: SerialNumber: syz [ 655.420228][ T5128] usb 1-1: config 0 descriptor?? [ 655.683561][ T781] usb 1-1: USB disconnect, device number 36 [ 655.734990][ T9004] loop4: detected capacity change from 0 to 32768 [ 655.766109][ T29] audit: type=1804 audit(1717028671.704:21): pid=9008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1269625548/syzkaller.YMMcXq/45/file1" dev="sda1" ino=1964 res=1 errno=0 [ 655.915490][ T9004] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 655.936310][ T9004] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 655.958781][ T8994] loop3: detected capacity change from 0 to 2048 [ 656.049514][ T8994] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 656.098701][ T8994] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 656.106910][ T8994] UDF-fs: Scanning with blocksize 512 failed [ 656.186204][ T9004] bcachefs (loop4): alloc_read... done [ 656.192218][ T9004] bcachefs (loop4): stripes_read... done [ 656.198233][ T9004] bcachefs (loop4): snapshots_read... done [ 656.216385][ T9004] bcachefs (loop4): journal_replay... done [ 656.222703][ T9004] bcachefs (loop4): resume_logged_ops... done [ 656.235326][ T9004] bcachefs (loop4): going read-write [ 656.278529][ T8994] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 656.313144][ T9004] bcachefs (loop4): done starting filesystem [ 656.506571][ T8290] bcachefs (loop4): shutting down [ 656.512923][ T8290] bcachefs (loop4): going read-only [ 656.518337][ T8290] bcachefs (loop4): finished waiting for writes to stop [ 656.522130][ T8994] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 656.558143][ T781] usb 4-1: USB disconnect, device number 20 [ 656.570120][ T8290] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 656.581331][ T8290] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10 [ 656.609874][ T8290] bcachefs (loop4): shutdown complete, journal seq 11 [ 656.617768][ T8290] bcachefs (loop4): marking filesystem clean [ 656.628690][ T781] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 656.679610][ T9023] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 656.709687][ T8290] bcachefs (loop4): shutdown complete [ 656.842841][ T5128] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 656.972566][ T10] usb 2-1: new full-speed USB device number 21 using dummy_hcd [ 657.092111][ T5128] usb 1-1: Using ep0 maxpacket: 32 [ 657.213181][ T5128] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 657.224775][ T5128] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 657.352324][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 65535, setting to 64 [ 657.369491][ T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 657.384607][ T10] usb 2-1: New USB device found, idVendor=1a34, idProduct=0803, bcdDevice= 0.00 [ 657.394076][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 657.401871][ T5128] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 657.411489][ T5128] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 657.420380][ T5128] usb 1-1: Product: syz [ 657.424849][ T5128] usb 1-1: Manufacturer: syz [ 657.485393][ T10] usb 2-1: config 0 descriptor?? [ 657.499822][ T5128] hub 1-1:4.0: USB hub found [ 657.507261][ T9023] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 657.683770][ T9025] loop3: detected capacity change from 0 to 128 [ 657.777114][ T5128] hub 1-1:4.0: 2 ports detected [ 657.943360][ T9025] FAT-fs (loop3): error, clusters badly computed (4 != 3) [ 657.950905][ T9025] FAT-fs (loop3): Filesystem has been set read-only [ 657.995169][ T9025] FAT-fs (loop3): error, clusters badly computed (5 != 4) [ 658.007666][ T9025] FAT-fs (loop3): error, clusters badly computed (6 != 5) [ 658.577576][ T9022] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 658.589135][ T9022] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 658.863389][ T5128] usb 1-1: USB disconnect, device number 37 [ 659.382112][ T781] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 659.822293][ T781] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 659.833713][ T781] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 659.843889][ T781] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 659.853295][ T781] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 659.926639][ T781] usb 4-1: config 0 descriptor?? [ 660.012566][ T10] usbhid 2-1:0.0: can't add hid device: -71 [ 660.027867][ T10] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 660.079125][ T9033] loop2: detected capacity change from 0 to 4096 [ 660.113903][ T10] usb 2-1: USB disconnect, device number 21 [ 660.368730][ T9045] syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET) [ 660.383307][ T9045] syzkaller1: entered promiscuous mode [ 660.389011][ T9045] syzkaller1: entered allmulticast mode [ 660.432616][ T781] konepure 0003:1E7D:2DB4.0008: unknown main item tag 0x0 [ 660.497640][ T781] konepure 0003:1E7D:2DB4.0008: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.3-1/input0 [ 660.550426][ C1] dccp_invalid_packet: P.CsCov 15 exceeds packet length 1020 [ 660.662262][ T9033] ntfs3: loop2: failed to convert "0000" to iso8859-13 [ 660.669526][ T9033] ntfs3: loop2: failed to convert name for inode 1e. [ 660.691853][ T9049] loop4: detected capacity change from 0 to 256 [ 660.709882][ T9033] TCP: request_sock_TCPv6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 660.750146][ T10] usb 4-1: USB disconnect, device number 21 [ 660.775392][ T29] audit: type=1804 audit(1717028676.714:22): pid=9050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2377494660/syzkaller.7wOByd/116/file1" dev="sda1" ino=1960 res=1 errno=0 [ 660.891204][ T9049] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 661.592707][ T5084] Bluetooth: hci5: command 0x0406 tx timeout [ 662.156684][ T9057] loop4: detected capacity change from 0 to 32768 [ 662.191889][ T10] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 662.252177][ T5128] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 662.317560][ T9057] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 662.331972][ T9057] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 662.462344][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 662.483582][ T9057] bcachefs (loop4): alloc_read... done [ 662.489446][ T9057] bcachefs (loop4): stripes_read... done [ 662.495670][ T9057] bcachefs (loop4): snapshots_read... done [ 662.513613][ T9057] bcachefs (loop4): journal_replay... done [ 662.519805][ T9057] bcachefs (loop4): resume_logged_ops... done [ 662.526427][ T9057] bcachefs (loop4): going read-write [ 662.543495][ T9057] bcachefs (loop4): done starting filesystem [ 662.582456][ T5128] usb 1-1: Using ep0 maxpacket: 8 [ 662.593596][ T10] usb 3-1: config 0 has an invalid interface number: 8 but max is 0 [ 662.602275][ T10] usb 3-1: config 0 has no interface number 0 [ 662.608603][ T10] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 662.732083][ T5128] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 662.762529][ T10] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 662.772124][ T10] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 662.780473][ T10] usb 3-1: Product: syz [ 662.790572][ T10] usb 3-1: SerialNumber: syz [ 662.819020][ T8290] bcachefs (loop4): shutting down [ 662.824505][ T8290] bcachefs (loop4): going read-only [ 662.829909][ T8290] bcachefs (loop4): finished waiting for writes to stop [ 662.853636][ T8290] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 662.860734][ T10] usb 3-1: config 0 descriptor?? [ 662.864846][ T8290] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10 [ 662.882730][ T5128] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 662.894638][ T5128] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 662.905114][ T5128] usb 1-1: SerialNumber: syz [ 662.932942][ T8290] bcachefs (loop4): shutdown complete, journal seq 11 [ 662.936582][ T10] cm109 3-1:0.8: invalid payload size 160, expected 4 [ 662.940573][ T8290] bcachefs (loop4): marking filesystem clean [ 662.949681][ T10] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input12 [ 662.956658][ T5128] usb 1-1: config 0 descriptor?? [ 663.111105][ T8290] bcachefs (loop4): shutdown complete [ 663.162594][ T5085] Bluetooth: hci3: unexpected event for opcode 0x2041 [ 663.276284][ T5128] usb 1-1: USB disconnect, device number 38 [ 663.681801][ T9062] loop2: detected capacity change from 0 to 2048 [ 663.768549][ T9062] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 663.827697][ T9062] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 663.836096][ T9062] UDF-fs: Scanning with blocksize 512 failed [ 664.004267][ T9062] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 664.101899][ T5960] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 664.152759][ T5085] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 664.161368][ T5085] Bluetooth: hci1: Injecting HCI hardware error event [ 664.169886][ T5085] Bluetooth: hci1: hardware error 0x00 [ 664.240246][ T9062] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 664.324430][ C0] cm109 3-1:0.8: cm109_urb_irq_callback: urb status -71 [ 664.341739][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 664.352443][ T5960] usb 2-1: Using ep0 maxpacket: 32 [ 664.361748][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 664.372530][ T10] usb 3-1: USB disconnect, device number 21 [ 664.381819][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 664.389028][ C0] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 664.416744][ T10] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 664.493172][ T5960] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 664.505710][ T5960] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 664.647925][ T5960] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 664.657798][ T5960] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 664.666615][ T5960] usb 2-1: Product: syz [ 664.671397][ T5960] usb 2-1: Manufacturer: syz [ 664.744774][ T5960] hub 2-1:4.0: USB hub found [ 665.012276][ T5960] hub 2-1:4.0: 2 ports detected [ 665.335072][ T29] audit: type=1326 audit(1717028681.274:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9087 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd05de7cee9 code=0x7ffc0000 [ 665.360824][ T29] audit: type=1326 audit(1717028681.274:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9087 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd05de7cee9 code=0x7ffc0000 [ 665.384881][ T29] audit: type=1326 audit(1717028681.284:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9087 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd05de7cee9 code=0x7ffc0000 [ 665.408087][ T29] audit: type=1326 audit(1717028681.294:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9087 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd05de7cee9 code=0x7ffc0000 [ 665.431277][ T29] audit: type=1326 audit(1717028681.294:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9087 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd05de7cee9 code=0x7ffc0000 [ 665.456754][ T29] audit: type=1326 audit(1717028681.294:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9087 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd05de7cee9 code=0x7ffc0000 [ 665.481040][ T29] audit: type=1326 audit(1717028681.294:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9087 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fd05de7cee9 code=0x7ffc0000 [ 665.648318][ T29] audit: type=1804 audit(1717028681.584:30): pid=9092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir4105278253/syzkaller.y1cX1s/116/file1" dev="sda1" ino=1964 res=1 errno=0 [ 665.787014][ T9099] loop4: detected capacity change from 0 to 256 [ 665.814407][ T9076] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 665.823710][ T9076] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 665.891787][ T9099] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 666.017636][ T5960] usb 2-1: USB disconnect, device number 22 [ 666.232022][ T5085] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 666.475314][ T5128] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 667.264397][ T9107] loop0: detected capacity change from 0 to 32768 [ 667.409811][ T9107] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 667.424264][ T9107] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 667.504473][ T5127] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 667.568300][ T5128] usb 3-1: Using ep0 maxpacket: 16 [ 667.583219][ T9107] bcachefs (loop0): alloc_read... done [ 667.589091][ T9107] bcachefs (loop0): stripes_read... done [ 667.595470][ T9107] bcachefs (loop0): snapshots_read... done [ 667.608581][ T5960] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 667.617637][ T9107] bcachefs (loop0): journal_replay... done [ 667.624228][ T9107] bcachefs (loop0): resume_logged_ops... done [ 667.630776][ T9107] bcachefs (loop0): going read-write [ 667.657771][ T9107] bcachefs (loop0): done starting filesystem [ 667.734033][ T5128] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 667.745965][ T5128] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 667.759283][ T5128] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 667.773683][ T5128] usb 3-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00 [ 667.783144][ T5128] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 667.815005][ T5128] usb 3-1: config 0 descriptor?? [ 667.829434][ T6798] bcachefs (loop0): shutting down [ 667.836628][ T6798] bcachefs (loop0): going read-only [ 667.842432][ T6798] bcachefs (loop0): finished waiting for writes to stop [ 667.853415][ T6798] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10 [ 667.873414][ T6798] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10 [ 667.891992][ T5960] usb 4-1: Using ep0 maxpacket: 8 [ 667.898151][ T6798] bcachefs (loop0): shutdown complete, journal seq 11 [ 667.910881][ T6798] bcachefs (loop0): marking filesystem clean [ 667.954362][ T5127] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 667.965919][ T5127] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 667.976128][ T5127] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 667.985511][ T5127] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 667.999045][ T5127] usb 5-1: config 0 descriptor?? [ 668.026220][ T6798] bcachefs (loop0): shutdown complete [ 668.033075][ T5960] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 668.044198][ T5960] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 668.054182][ T5960] usb 4-1: config 1 has no interface number 1 [ 668.060512][ T5960] usb 4-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 668.072052][ T5960] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 668.087703][ T5960] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 668.273889][ T5960] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 668.283376][ T5960] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 668.291731][ T5960] usb 4-1: Product: syz [ 668.296121][ T5960] usb 4-1: Manufacturer: syz [ 668.300945][ T5960] usb 4-1: SerialNumber: syz [ 668.312184][ T5966] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 668.337136][ T5128] hkems 0003:2006:0118.0009: unknown main item tag 0x0 [ 668.344742][ T5128] hkems 0003:2006:0118.0009: unbalanced collection at end of report description [ 668.364480][ T5128] hkems 0003:2006:0118.0009: parse failed [ 668.370698][ T5128] hkems 0003:2006:0118.0009: probe with driver hkems failed with error -22 [ 668.561498][ T5955] usb 3-1: USB disconnect, device number 22 [ 668.582100][ T5966] usb 2-1: Using ep0 maxpacket: 16 [ 668.616346][ T5127] usbhid 5-1:0.0: can't add hid device: -71 [ 668.628742][ T5127] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 668.675028][ T5127] usb 5-1: USB disconnect, device number 9 [ 668.750267][ T5966] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 668.758931][ T5966] usb 2-1: config 0 has no interface number 0 [ 668.765520][ T5966] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 668.863477][ T5960] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor [ 668.873208][ T5960] usb 4-1: 2:1 : format type 0 is detected, processed as PCM [ 668.942293][ T5966] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 668.952011][ T5966] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 668.960356][ T5966] usb 2-1: Product: syz [ 668.964897][ T5966] usb 2-1: SerialNumber: syz [ 668.979991][ T5966] usb 2-1: config 0 descriptor?? [ 669.060634][ T5960] usb 4-1: USB disconnect, device number 22 [ 669.085310][ T5966] cm109 2-1:0.8: invalid payload size 160, expected 4 [ 669.095034][ T5966] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input13 [ 669.281814][ T5084] Bluetooth: hci5: unexpected event for opcode 0x2041 [ 669.512846][ T29] audit: type=1804 audit(1717028685.434:31): pid=9127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir4105278253/syzkaller.y1cX1s/118/file1" dev="sda1" ino=1944 res=1 errno=0 [ 669.616212][ T9133] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.4'. [ 669.771476][ T9125] loop1: detected capacity change from 0 to 2048 [ 669.892107][ T9125] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 669.922294][ T9125] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 669.930190][ T9125] UDF-fs: Scanning with blocksize 512 failed [ 669.965045][ T9136] loop3: detected capacity change from 0 to 256 [ 670.081906][ T9125] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 670.151147][ T9136] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 670.239384][ T9125] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 670.280243][ T5966] usb 2-1: USB disconnect, device number 23 [ 670.320659][ T5966] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 670.482407][ T5127] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 670.741875][ T5127] usb 1-1: Using ep0 maxpacket: 32 [ 670.913114][ T5127] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 670.924568][ T5127] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 671.154420][ T5127] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 671.164148][ T5127] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 671.172870][ T5127] usb 1-1: Product: syz [ 671.177258][ T5127] usb 1-1: Manufacturer: syz [ 671.340232][ T5127] hub 1-1:4.0: USB hub found [ 671.466606][ T9151] loop2: detected capacity change from 0 to 32768 [ 671.570800][ T5127] hub 1-1:4.0: 2 ports detected [ 671.623784][ T9151] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 671.638693][ T9151] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 671.912349][ T9151] bcachefs (loop2): alloc_read... done [ 671.918246][ T9151] bcachefs (loop2): stripes_read... done [ 671.924401][ T9151] bcachefs (loop2): snapshots_read... done [ 671.942441][ T9151] bcachefs (loop2): journal_replay... done [ 671.948708][ T9151] bcachefs (loop2): resume_logged_ops... done [ 671.955396][ T9151] bcachefs (loop2): going read-write [ 671.979477][ T9151] bcachefs (loop2): done starting filesystem [ 672.094013][ T6917] bcachefs (loop2): shutting down [ 672.099356][ T6917] bcachefs (loop2): going read-only [ 672.107836][ T6917] bcachefs (loop2): finished waiting for writes to stop [ 672.116507][ T5128] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 672.133626][ T6917] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10 [ 672.144019][ T6917] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10 [ 672.168621][ T6917] bcachefs (loop2): shutdown complete, journal seq 11 [ 672.177495][ T6917] bcachefs (loop2): marking filesystem clean [ 672.278585][ T6917] bcachefs (loop2): shutdown complete [ 672.334571][ T9143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 672.343787][ T9143] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 672.477769][ T5127] usb 1-1: USB disconnect, device number 39 [ 672.564685][ T5128] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 672.576007][ T5128] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 672.586157][ T5128] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 672.596465][ T5128] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 672.631007][ T5128] usb 2-1: config 0 descriptor?? [ 673.102105][ T5955] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 673.202598][ T5128] usbhid 2-1:0.0: can't add hid device: -71 [ 673.209240][ T5128] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 673.249352][ T5128] usb 2-1: USB disconnect, device number 24 [ 673.382318][ T9172] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.0'. [ 673.383148][ T5955] usb 4-1: Using ep0 maxpacket: 8 [ 673.533904][ T5955] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 673.546920][ T5955] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 673.557017][ T5955] usb 4-1: config 1 has no interface number 1 [ 673.563567][ T5955] usb 4-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 673.574334][ T5955] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 673.587607][ T5955] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 673.792801][ T5955] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 673.802238][ T5955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 673.810489][ T5955] usb 4-1: Product: syz [ 673.814965][ T5955] usb 4-1: Manufacturer: syz [ 673.819791][ T5955] usb 4-1: SerialNumber: syz [ 674.035149][ T29] audit: type=1804 audit(1717028689.964:32): pid=9174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2377494660/syzkaller.7wOByd/126/file1" dev="sda1" ino=1951 res=1 errno=0 [ 674.402980][ T5955] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor [ 674.411097][ T5955] usb 4-1: 2:1 : format type 0 is detected, processed as PCM [ 674.474743][ T9181] loop2: detected capacity change from 0 to 512 [ 674.578292][ T9181] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.2: corrupted in-inode xattr: bad e_name length [ 674.594364][ T5955] usb 4-1: USB disconnect, device number 23 [ 674.604377][ T9181] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 674.640416][ T9181] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 674.660167][ T9181] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 674.729990][ T9187] loop0: detected capacity change from 0 to 1024 [ 674.734502][ T9188] loop1: detected capacity change from 0 to 256 [ 674.857277][ T9188] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 674.890049][ T9187] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 675.266539][ T6798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 675.288312][ T9192] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 675.297624][ T9192] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 675.397413][ T9195] syz-executor.4[9195] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 675.397969][ T9195] syz-executor.4[9195] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 675.537644][ T9197] loop1: detected capacity change from 0 to 256 [ 676.387305][ T9199] loop0: detected capacity change from 0 to 32768 [ 676.727860][ T5127] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 677.027661][ T9199] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 677.042063][ T9199] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 677.052246][ T5127] usb 4-1: Using ep0 maxpacket: 16 [ 677.209473][ T5127] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 677.218249][ T5127] usb 4-1: config 0 has no interface number 0 [ 677.227502][ T5127] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 677.466344][ T9199] bcachefs (loop0): alloc_read... done [ 677.472307][ T9199] bcachefs (loop0): stripes_read... done [ 677.478308][ T9199] bcachefs (loop0): snapshots_read... done [ 677.496512][ T9199] bcachefs (loop0): journal_replay... done [ 677.502811][ T9199] bcachefs (loop0): resume_logged_ops... done [ 677.509351][ T9199] bcachefs (loop0): going read-write [ 677.526858][ T5127] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 677.538915][ T5127] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 677.548087][ T5127] usb 4-1: Product: syz [ 677.552553][ T5127] usb 4-1: SerialNumber: syz [ 677.627936][ T9199] bcachefs (loop0): done starting filesystem [ 677.725582][ T5127] usb 4-1: config 0 descriptor?? [ 677.795386][ T6798] bcachefs (loop0): shutting down [ 677.800854][ T6798] bcachefs (loop0): going read-only [ 677.806461][ T6798] bcachefs (loop0): finished waiting for writes to stop [ 677.826976][ T5127] cm109 4-1:0.8: invalid payload size 160, expected 4 [ 677.841254][ T5127] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input14 [ 677.914598][ T6798] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10 [ 677.975451][ T6798] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10 [ 678.069212][ T6798] bcachefs (loop0): shutdown complete, journal seq 11 [ 678.077135][ T6798] bcachefs (loop0): marking filesystem clean [ 678.110574][ T9218] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'. [ 678.277228][ T5128] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 678.342037][ T6798] bcachefs (loop0): shutdown complete [ 678.608730][ T5128] usb 5-1: Using ep0 maxpacket: 32 [ 678.694746][ T29] audit: type=1804 audit(1717028694.644:33): pid=9220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir4105278253/syzkaller.y1cX1s/124/file1" dev="sda1" ino=1957 res=1 errno=0 [ 678.819551][ T9194] loop3: detected capacity change from 0 to 2048 [ 678.832294][ T5128] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 678.843879][ T5128] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 678.899096][ T9194] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 678.926731][ T9194] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 678.935031][ T9194] UDF-fs: Scanning with blocksize 512 failed [ 678.987633][ T9194] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 679.002449][ T5128] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 679.011886][ T5128] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 679.020498][ T5128] usb 5-1: Product: syz [ 679.025042][ T5128] usb 5-1: Manufacturer: syz [ 679.077481][ T9194] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 679.095536][ T5966] usb 4-1: USB disconnect, device number 24 [ 679.146019][ T5966] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 679.155353][ T5128] hub 5-1:4.0: USB hub found [ 679.362560][ T5128] hub 5-1:4.0: 2 ports detected [ 679.499576][ T9227] loop1: detected capacity change from 0 to 256 [ 679.528030][ T9227] exfat: Unknown parameter '0xffffffffffffffff26' [ 680.066087][ T9216] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 680.075364][ T9216] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 680.261891][ T781] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 680.290911][ T5128] usb 5-1: USB disconnect, device number 10 [ 680.532966][ T781] usb 2-1: Using ep0 maxpacket: 8 [ 680.673037][ T781] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 680.683619][ T781] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 680.692940][ T781] usb 2-1: config 1 has no interface number 1 [ 680.699271][ T781] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 680.712645][ T781] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 680.726673][ T781] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 680.912679][ T781] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 680.922150][ T781] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 680.930413][ T781] usb 2-1: Product: syz [ 680.934929][ T781] usb 2-1: Manufacturer: syz [ 680.939761][ T781] usb 2-1: SerialNumber: syz [ 680.954173][ T5127] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 681.274807][ T9242] loop4: detected capacity change from 0 to 512 [ 681.313697][ T9242] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 681.390242][ T9242] EXT4-fs (loop4): 1 truncate cleaned up [ 681.396815][ T9242] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 681.435340][ T5127] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 681.446873][ T5127] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 681.457424][ T5127] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 681.466839][ T5127] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 681.665329][ T9225] loop2: detected capacity change from 0 to 32768 [ 681.746770][ T9225] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (9225) [ 682.254467][ T9246] loop3: detected capacity change from 0 to 32768 [ 682.271772][ T781] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 682.279870][ T781] usb 2-1: 2:1 : format type 0 is detected, processed as PCM [ 682.306153][ T5127] usb 1-1: config 0 descriptor?? [ 682.432661][ T9246] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 682.450542][ T9246] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 682.500053][ T781] usb 2-1: USB disconnect, device number 25 [ 682.682692][ T9246] bcachefs (loop3): alloc_read... done [ 682.688569][ T9246] bcachefs (loop3): stripes_read... done [ 682.699751][ T9246] bcachefs (loop3): snapshots_read... done [ 682.717744][ T9246] bcachefs (loop3): journal_replay... done [ 682.724099][ T9246] bcachefs (loop3): resume_logged_ops... done [ 682.730649][ T9246] bcachefs (loop3): going read-write [ 682.795687][ T9246] bcachefs (loop3): done starting filesystem [ 682.902600][ T5127] usbhid 1-1:0.0: can't add hid device: -71 [ 682.909335][ T5127] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 682.954768][ T5127] usb 1-1: USB disconnect, device number 40 [ 683.071700][ T8337] bcachefs (loop3): shutting down [ 683.077058][ T8337] bcachefs (loop3): going read-only [ 683.082632][ T8337] bcachefs (loop3): finished waiting for writes to stop [ 683.140735][ T8337] bcachefs (loop3): flushing journal and stopping allocators, journal seq 10 [ 683.167114][ T8337] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 10 [ 683.177802][ T29] audit: type=1804 audit(1717028699.124:34): pid=9264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1269625548/syzkaller.YMMcXq/60/file1" dev="sda1" ino=1949 res=1 errno=0 [ 683.221114][ T8337] bcachefs (loop3): shutdown complete, journal seq 11 [ 683.229246][ T8337] bcachefs (loop3): marking filesystem clean [ 683.262193][ T29] audit: type=1800 audit(1717028699.174:35): pid=9242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="ext4" dev="loop4" ino=19 res=0 errno=0 [ 683.392847][ T8337] bcachefs (loop3): shutdown complete [ 683.656206][ T8290] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 683.945101][ T9267] loop0: detected capacity change from 0 to 24 [ 684.044023][ T9273] loop4: detected capacity change from 0 to 256 [ 684.068531][ T9273] exfat: Unknown parameter '0xffffffffffffffff26' [ 684.188311][ T5127] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 684.462019][ T5127] usb 2-1: Using ep0 maxpacket: 16 [ 684.612524][ T5127] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 684.620822][ T5127] usb 2-1: config 0 has no interface number 0 [ 684.627477][ T5127] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 684.783965][ T781] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 684.804556][ T5127] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 684.814413][ T5127] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 684.822852][ T5127] usb 2-1: Product: syz [ 684.827235][ T5127] usb 2-1: SerialNumber: syz [ 684.879215][ T5127] usb 2-1: config 0 descriptor?? [ 684.940314][ T5127] cm109 2-1:0.8: invalid payload size 160, expected 4 [ 684.949792][ T5127] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input15 [ 685.091896][ T781] usb 1-1: Using ep0 maxpacket: 32 [ 685.148117][ T5084] Bluetooth: hci5: unexpected event for opcode 0x2041 [ 685.155708][ T5966] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 685.234767][ T781] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 685.246108][ T781] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 685.393439][ T781] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 685.402956][ T781] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 685.411708][ T781] usb 1-1: Product: syz [ 685.418938][ T781] usb 1-1: Manufacturer: syz [ 685.425139][ T5966] usb 3-1: Using ep0 maxpacket: 8 [ 685.522672][ T781] hub 1-1:4.0: USB hub found [ 685.542753][ T5966] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 685.553261][ T5966] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 685.562608][ T5966] usb 3-1: config 1 has no interface number 1 [ 685.568948][ T5966] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 685.579797][ T5966] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 685.593666][ T5966] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 685.622032][ T9269] loop1: detected capacity change from 0 to 2048 [ 685.652472][ T9287] 9pnet_fd: Insufficient options for proto=fd [ 685.751945][ T781] hub 1-1:4.0: 2 ports detected [ 685.834336][ T5966] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 685.843856][ T5966] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 685.852265][ T5966] usb 3-1: Product: syz [ 685.856666][ T5966] usb 3-1: Manufacturer: syz [ 685.861493][ T5966] usb 3-1: SerialNumber: syz [ 685.884221][ T9269] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 685.914423][ T9269] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 685.924788][ T9269] UDF-fs: Scanning with blocksize 512 failed [ 686.024739][ T9269] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 686.140073][ T9269] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 686.160224][ T5127] usb 2-1: USB disconnect, device number 26 [ 686.201807][ T5127] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 686.311632][ C0] hrtimer: interrupt took 235525 ns [ 686.387966][ T5966] usb 3-1: 2:1 : no or invalid class specific endpoint descriptor [ 686.396316][ T5966] usb 3-1: 2:1 : format type 0 is detected, processed as PCM [ 686.400108][ T9279] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 686.413588][ T9279] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 686.569580][ T781] usb 1-1: USB disconnect, device number 41 [ 686.589833][ T5966] usb 3-1: USB disconnect, device number 23 [ 687.383583][ T9293] loop3: detected capacity change from 0 to 32768 [ 687.592173][ T9293] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 687.607049][ T9293] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 687.717021][ T9302] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 687.786371][ T9293] bcachefs (loop3): alloc_read... done [ 687.792460][ T9293] bcachefs (loop3): stripes_read... done [ 687.798483][ T9293] bcachefs (loop3): snapshots_read... done [ 687.816550][ T9293] bcachefs (loop3): journal_replay... done [ 687.822801][ T9293] bcachefs (loop3): resume_logged_ops... done [ 687.829343][ T9293] bcachefs (loop3): going read-write [ 687.868696][ T9309] loop1: detected capacity change from 0 to 512 [ 687.897175][ T29] audit: type=1804 audit(1717028703.804:36): pid=9306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir4105278253/syzkaller.y1cX1s/129/file1" dev="sda1" ino=1950 res=1 errno=0 [ 687.924886][ T9309] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 687.935750][ T9293] bcachefs (loop3): done starting filesystem [ 688.057721][ T8337] bcachefs (loop3): shutting down [ 688.063955][ T8337] bcachefs (loop3): going read-only [ 688.069354][ T8337] bcachefs (loop3): finished waiting for writes to stop [ 688.126531][ T8337] bcachefs (loop3): flushing journal and stopping allocators, journal seq 10 [ 688.144099][ T9309] EXT4-fs (loop1): 1 truncate cleaned up [ 688.150086][ T9309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 688.192157][ T8337] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 10 [ 688.236966][ T8337] bcachefs (loop3): shutdown complete, journal seq 11 [ 688.244793][ T8337] bcachefs (loop3): marking filesystem clean [ 688.340017][ T8337] bcachefs (loop3): shutdown complete [ 688.396670][ T29] audit: type=1326 audit(1717028704.334:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd05de7cee9 code=0x0 [ 688.628400][ T9318] loop2: detected capacity change from 0 to 256 [ 688.679613][ T9318] exfat: Unknown parameter '0xffffffffffffffff26' [ 689.641941][ T29] audit: type=1800 audit(1717028705.534:38): pid=9309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="ext4" dev="loop1" ino=19 res=0 errno=0 [ 689.880901][ T7824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 689.932470][ T9326] loop4: detected capacity change from 0 to 4096 [ 689.956690][ T9326] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 690.376883][ T9329] 9pnet_fd: Insufficient options for proto=fd [ 690.771847][ T5960] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 690.812948][ T5127] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 691.033005][ T5960] usb 1-1: Using ep0 maxpacket: 8 [ 691.071786][ T5127] usb 2-1: Using ep0 maxpacket: 16 [ 691.213212][ T5127] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 691.221500][ T5127] usb 2-1: config 0 has no interface number 0 [ 691.227978][ T5127] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 691.392371][ T5127] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 691.402061][ T5127] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 691.410414][ T5127] usb 2-1: Product: syz [ 691.414893][ T5127] usb 2-1: SerialNumber: syz [ 691.473448][ T5127] usb 2-1: config 0 descriptor?? [ 691.523805][ T5127] cm109 2-1:0.8: invalid payload size 160, expected 4 [ 691.533276][ T5127] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input16 [ 691.678873][ T9344] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 691.738514][ T5085] Bluetooth: hci5: unexpected event for opcode 0x2041 [ 691.854752][ T9342] loop4: detected capacity change from 0 to 32768 [ 691.877181][ T4722] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 691.912270][ T5960] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 691.923083][ T5960] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 691.932466][ T5960] usb 1-1: config 1 has no interface number 1 [ 691.938803][ T5960] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 691.949606][ T5960] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 691.962945][ T5960] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 692.096845][ T9342] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 692.111215][ T9342] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 692.242058][ T4722] usb 3-1: Using ep0 maxpacket: 32 [ 692.286180][ T29] audit: type=1804 audit(1717028708.184:39): pid=9352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir14087684/syzkaller.cuuhLy/43/file1" dev="sda1" ino=1965 res=1 errno=0 [ 692.329961][ T9342] bcachefs (loop4): alloc_read... done [ 692.336555][ T9342] bcachefs (loop4): stripes_read... done [ 692.342759][ T9342] bcachefs (loop4): snapshots_read... done [ 692.352415][ T9336] loop1: detected capacity change from 0 to 2048 [ 692.360565][ T9342] bcachefs (loop4): journal_replay... done [ 692.366867][ T9342] bcachefs (loop4): resume_logged_ops... done [ 692.373521][ T9342] bcachefs (loop4): going read-write [ 692.387948][ T5960] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 692.400085][ T5960] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 692.406409][ T9336] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 692.409153][ T5960] usb 1-1: Product: syz [ 692.424071][ T5960] usb 1-1: Manufacturer: syz [ 692.428907][ T5960] usb 1-1: SerialNumber: syz [ 692.443444][ T4722] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 692.455094][ T4722] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 692.490714][ T9336] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 692.498873][ T9336] UDF-fs: Scanning with blocksize 512 failed [ 692.510520][ T9342] bcachefs (loop4): done starting filesystem [ 692.566227][ T9336] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 692.643337][ T4722] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 692.654312][ T4722] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 692.663467][ T4722] usb 3-1: Product: syz [ 692.667870][ T4722] usb 3-1: Manufacturer: syz [ 692.683327][ T8290] bcachefs (loop4): shutting down [ 692.694756][ T8290] bcachefs (loop4): going read-only [ 692.700168][ T8290] bcachefs (loop4): finished waiting for writes to stop [ 692.702793][ T9336] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 692.730679][ T5127] usb 2-1: USB disconnect, device number 27 [ 692.736933][ C1] cm109 2-1:0.8: cm109_urb_irq_callback: urb status -71 [ 692.737063][ C1] cm109 2-1:0.8: cm109_urb_irq_callback: usb_submit_urb (urb_ctl) failed -19 [ 692.768418][ T5127] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 692.796964][ T4722] hub 3-1:4.0: USB hub found [ 692.805329][ T8290] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 692.825801][ T8290] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10 [ 692.859959][ T8290] bcachefs (loop4): shutdown complete, journal seq 11 [ 692.868298][ T8290] bcachefs (loop4): marking filesystem clean [ 692.947448][ T8290] bcachefs (loop4): shutdown complete [ 693.005018][ T5960] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor [ 693.013315][ T5960] usb 1-1: 2:1 : format type 0 is detected, processed as PCM [ 693.052119][ T4722] hub 3-1:4.0: 2 ports detected [ 693.177007][ T5960] usb 1-1: USB disconnect, device number 42 [ 693.712104][ T9339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 693.721121][ T9339] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 693.889626][ T4722] usb 3-1: USB disconnect, device number 24 [ 694.243630][ T9365] loop1: detected capacity change from 0 to 512 [ 694.270818][ T9365] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 694.336034][ T9365] EXT4-fs (loop1): 1 truncate cleaned up [ 694.342182][ T9365] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 695.119103][ T9374] 9pnet_fd: Insufficient options for proto=fd [ 695.372161][ T9380] loop4: detected capacity change from 0 to 256 [ 695.428549][ T9380] exfat: Unknown parameter 're0x000000002073736526' [ 695.765831][ T9378] loop0: detected capacity change from 0 to 4096 [ 695.818629][ T9378] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 695.869709][ T29] audit: type=1800 audit(1717028711.794:40): pid=9365 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="ext4" dev="loop1" ino=19 res=0 errno=0 [ 696.053021][ T9387] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 696.161184][ T7824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 697.068631][ T9389] loop2: detected capacity change from 0 to 32768 [ 697.096393][ T29] audit: type=1804 audit(1717028712.994:41): pid=9395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1269625548/syzkaller.YMMcXq/66/file1" dev="sda1" ino=1958 res=1 errno=0 [ 697.271879][ T9389] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 697.271879][ T4722] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 697.297457][ T9389] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 697.492787][ T9389] bcachefs (loop2): alloc_read... done [ 697.502218][ T9389] bcachefs (loop2): stripes_read... done [ 697.508241][ T9389] bcachefs (loop2): snapshots_read... done [ 697.511962][ T4722] usb 5-1: Using ep0 maxpacket: 16 [ 697.526994][ T9389] bcachefs (loop2): journal_replay... done [ 697.533238][ T9389] bcachefs (loop2): resume_logged_ops... done [ 697.539779][ T9389] bcachefs (loop2): going read-write [ 697.569896][ T9389] bcachefs (loop2): done starting filesystem [ 697.591979][ T5960] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 697.668227][ T4722] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 697.676914][ T4722] usb 5-1: config 0 has no interface number 0 [ 697.683430][ T4722] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 697.714005][ T6917] bcachefs (loop2): shutting down [ 697.719245][ T6917] bcachefs (loop2): going read-only [ 697.724807][ T6917] bcachefs (loop2): finished waiting for writes to stop [ 697.775197][ T6917] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10 [ 697.785262][ T6917] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10 [ 697.806705][ T6917] bcachefs (loop2): shutdown complete, journal seq 11 [ 697.818888][ T6917] bcachefs (loop2): marking filesystem clean [ 697.840295][ T4722] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 697.850189][ T4722] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 697.858621][ T4722] usb 5-1: Product: syz [ 697.863241][ T4722] usb 5-1: SerialNumber: syz [ 697.886475][ T4722] usb 5-1: config 0 descriptor?? [ 697.949075][ T5960] usb 1-1: Using ep0 maxpacket: 8 [ 697.967441][ T4722] cm109 5-1:0.8: invalid payload size 160, expected 4 [ 697.969100][ T6917] bcachefs (loop2): shutdown complete [ 697.977154][ T4722] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input17 [ 698.142335][ T5960] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 698.152973][ T5960] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 698.162368][ T5960] usb 1-1: config 1 has no interface number 1 [ 698.168718][ T5960] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 698.179578][ T5960] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 698.193093][ T5960] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 698.242489][ T5084] Bluetooth: hci0: unexpected event for opcode 0x2041 [ 698.386316][ T5960] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 698.396173][ T5960] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 698.404542][ T5960] usb 1-1: Product: syz [ 698.408929][ T5960] usb 1-1: Manufacturer: syz [ 698.413901][ T5960] usb 1-1: SerialNumber: syz [ 698.491979][ T5127] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 698.643382][ T9411] loop1: detected capacity change from 0 to 4096 [ 698.660663][ T9411] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 698.702953][ T9393] loop4: detected capacity change from 0 to 2048 [ 698.768853][ T9393] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 698.782939][ T5127] usb 4-1: Using ep0 maxpacket: 32 [ 698.812020][ T9393] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 698.819973][ T9393] UDF-fs: Scanning with blocksize 512 failed [ 698.908669][ T9393] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 698.948325][ T5127] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 698.959956][ T5127] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 698.987249][ T5960] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor [ 698.995638][ T5960] usb 1-1: 2:1 : format type 0 is detected, processed as PCM [ 699.081031][ T9393] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 699.091761][ C0] cm109 5-1:0.8: cm109_urb_irq_callback: urb status -71 [ 699.093786][ T781] usb 5-1: USB disconnect, device number 11 [ 699.098887][ C0] cm109 5-1:0.8: cm109_urb_irq_callback: usb_submit_urb (urb_ctl) failed -19 [ 699.140042][ T5127] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 699.149525][ T5127] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 699.158266][ T5127] usb 4-1: Product: syz [ 699.163615][ T5127] usb 4-1: Manufacturer: syz [ 699.199662][ T781] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 699.210291][ T5960] usb 1-1: USB disconnect, device number 43 [ 699.264056][ T5127] hub 4-1:4.0: USB hub found [ 699.472638][ T5127] hub 4-1:4.0: 2 ports detected [ 699.827599][ T9419] loop0: detected capacity change from 0 to 256 [ 699.918349][ T9417] 9pnet_fd: Insufficient options for proto=fd [ 699.976765][ T9419] exfat: Unknown parameter 're0x000000002073736526' [ 700.187724][ T9413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 700.197968][ T9413] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 700.426862][ T5127] usb 4-1: USB disconnect, device number 25 [ 700.430932][ T9425] loop4: detected capacity change from 0 to 512 [ 700.480481][ T9425] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 700.534157][ T9425] EXT4-fs (loop4): 1 truncate cleaned up [ 700.540244][ T9425] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 700.608742][ T9423] loop2: detected capacity change from 0 to 4096 [ 700.627581][ T9423] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 700.949620][ T9423] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 701.093437][ T9429] loop1: detected capacity change from 0 to 4096 [ 701.178176][ T9429] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 701.359273][ T29] audit: type=1804 audit(1717028717.324:42): pid=9443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2377494660/syzkaller.7wOByd/142/file1" dev="sda1" ino=1942 res=1 errno=0 [ 702.197068][ T9442] loop3: detected capacity change from 0 to 32768 [ 702.345744][ T9442] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 702.360117][ T9442] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 702.579904][ T9442] bcachefs (loop3): alloc_read... done [ 702.586021][ T9442] bcachefs (loop3): stripes_read... done [ 702.592333][ T9442] bcachefs (loop3): snapshots_read... done [ 702.599054][ T29] audit: type=1800 audit(1717028718.494:43): pid=9425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="ext4" dev="loop4" ino=19 res=0 errno=0 [ 702.610084][ T9442] bcachefs (loop3): journal_replay... done [ 702.634545][ T9442] bcachefs (loop3): resume_logged_ops... done [ 702.641110][ T9442] bcachefs (loop3): going read-write [ 702.678496][ T9442] bcachefs (loop3): done starting filesystem [ 702.930628][ T8337] bcachefs (loop3): shutting down [ 702.936039][ T8337] bcachefs (loop3): going read-only [ 702.941432][ T8337] bcachefs (loop3): finished waiting for writes to stop [ 702.972651][ T8290] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 703.010077][ T8337] bcachefs (loop3): flushing journal and stopping allocators, journal seq 10 [ 703.044114][ T8337] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 10 [ 703.091858][ T8337] bcachefs (loop3): shutdown complete, journal seq 11 [ 703.099379][ T8337] bcachefs (loop3): marking filesystem clean [ 703.263900][ T8337] bcachefs (loop3): shutdown complete [ 703.348051][ T9459] loop0: detected capacity change from 0 to 4096 [ 703.429841][ T9459] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 703.513193][ T9459] ntfs3: loop0: Failed to load $MFT. [ 703.617195][ T5127] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 703.693708][ T5955] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 703.922256][ T5127] usb 2-1: Using ep0 maxpacket: 16 [ 703.971783][ T5955] usb 5-1: Using ep0 maxpacket: 8 [ 704.063635][ T5127] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 704.072191][ T5127] usb 2-1: config 0 has no interface number 0 [ 704.078534][ T5127] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 704.131198][ T5955] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 704.141829][ T5955] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 704.151063][ T5955] usb 5-1: config 1 has no interface number 1 [ 704.160310][ T5955] usb 5-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 704.171925][ T5955] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 704.185214][ T5955] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 704.303587][ T5127] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 704.314798][ T5127] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 704.323805][ T5127] usb 2-1: Product: syz [ 704.328201][ T5127] usb 2-1: SerialNumber: syz [ 704.363833][ T5127] usb 2-1: config 0 descriptor?? [ 704.422627][ T5955] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 704.432176][ T5955] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 704.440450][ T5955] usb 5-1: Product: syz [ 704.444976][ T5955] usb 5-1: Manufacturer: syz [ 704.449886][ T5955] usb 5-1: SerialNumber: syz [ 704.471272][ T5127] cm109 2-1:0.8: invalid payload size 160, expected 4 [ 704.481869][ T5127] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input18 [ 704.643974][ T5085] Bluetooth: hci5: unexpected event for opcode 0x2041 [ 704.904972][ T5955] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor [ 704.913215][ T5955] usb 5-1: 2:1 : format type 0 is detected, processed as PCM [ 705.106094][ T5955] usb 5-1: USB disconnect, device number 12 [ 705.169057][ T9461] loop1: detected capacity change from 0 to 2048 [ 705.293622][ T9461] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 705.325890][ T9461] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 705.334052][ T9461] UDF-fs: Scanning with blocksize 512 failed [ 705.480722][ T9461] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 705.543125][ T9470] loop0: detected capacity change from 0 to 128 [ 705.638170][ T5960] usb 2-1: USB disconnect, device number 28 [ 705.679835][ T5960] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 706.041846][ T5955] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 706.343643][ T5955] usb 5-1: Using ep0 maxpacket: 32 [ 706.514738][ T5955] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 706.526144][ T5955] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 706.574129][ T9480] loop3: detected capacity change from 0 to 4096 [ 706.648491][ T9480] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 706.714819][ T5955] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 706.728906][ T5955] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 706.738597][ T5955] usb 5-1: Product: syz [ 706.743074][ T5955] usb 5-1: Manufacturer: syz [ 706.827438][ T9482] loop2: detected capacity change from 0 to 4096 [ 706.844706][ T9482] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 706.869248][ T5955] hub 5-1:4.0: USB hub found [ 706.905225][ T9480] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 706.933142][ T29] audit: type=1804 audit(1717028722.854:44): pid=9486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1269625548/syzkaller.YMMcXq/73/file1" dev="sda1" ino=1965 res=1 errno=0 [ 707.035004][ T4722] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 707.152887][ T5955] hub 5-1:4.0: 2 ports detected [ 707.264023][ T4722] usb 1-1: device descriptor read/64, error -71 [ 707.403609][ T9490] netlink: 300 bytes leftover after parsing attributes in process `syz-executor.1'. [ 707.543128][ T4722] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 707.772333][ T4722] usb 1-1: device descriptor read/64, error -71 [ 707.920379][ T4722] usb usb1-port1: attempt power cycle [ 708.113465][ T9477] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 708.122625][ T9477] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 708.228307][ T9492] loop3: detected capacity change from 0 to 32768 [ 708.306819][ T5955] usb 5-1: USB disconnect, device number 13 [ 708.408903][ T9492] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 708.423741][ T9492] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 708.587426][ T9492] bcachefs (loop3): alloc_read... done [ 708.593409][ T9492] bcachefs (loop3): stripes_read... done [ 708.599416][ T9492] bcachefs (loop3): snapshots_read... done [ 708.602990][ T4722] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 708.617290][ T9492] bcachefs (loop3): journal_replay... done [ 708.623541][ T9492] bcachefs (loop3): resume_logged_ops... done [ 708.630093][ T9492] bcachefs (loop3): going read-write [ 708.668578][ T9492] bcachefs (loop3): done starting filesystem [ 708.682404][ T5960] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 708.734457][ T4722] usb 1-1: device descriptor read/8, error -71 [ 708.758346][ T8337] bcachefs (loop3): shutting down [ 708.767092][ T8337] bcachefs (loop3): going read-only [ 708.773391][ T8337] bcachefs (loop3): finished waiting for writes to stop [ 708.804300][ T8337] bcachefs (loop3): flushing journal and stopping allocators, journal seq 10 [ 708.837528][ T8337] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 10 [ 708.892898][ T8337] bcachefs (loop3): shutdown complete, journal seq 11 [ 708.900420][ T8337] bcachefs (loop3): marking filesystem clean [ 709.043071][ T4722] usb 1-1: new high-speed USB device number 47 using dummy_hcd [ 709.104890][ T8337] bcachefs (loop3): shutdown complete [ 709.123157][ T5960] usb 3-1: config 0 has no interfaces? [ 709.129015][ T5960] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 709.138914][ T5960] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 709.152390][ T4722] usb 1-1: device descriptor read/8, error -71 [ 709.234257][ T5960] usb 3-1: config 0 descriptor?? [ 709.307058][ T4722] usb usb1-port1: unable to enumerate USB device [ 709.323761][ T5966] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 709.587118][ T5966] usb 5-1: Using ep0 maxpacket: 8 [ 709.733755][ T5966] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 709.744269][ T5966] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 709.753626][ T5966] usb 5-1: config 1 has no interface number 1 [ 709.759958][ T5966] usb 5-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 709.770765][ T5966] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 709.784209][ T5966] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 710.055070][ T5966] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 710.064864][ T5966] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 710.073295][ T5966] usb 5-1: Product: syz [ 710.077684][ T5966] usb 5-1: Manufacturer: syz [ 710.082639][ T5966] usb 5-1: SerialNumber: syz [ 710.135193][ T9515] loop1: detected capacity change from 0 to 32768 [ 710.158670][ T9515] BTRFS: device /dev/loop1 (7:1) using temp-fsid 2aa597e7-b220-4110-a833-f0e334fa53b2 [ 710.168821][ T9515] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (9515) [ 710.187831][ T9515] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 710.201756][ T9515] BTRFS info (device loop1): using sha256 (sha256-generic) checksum algorithm [ 710.214218][ T9515] BTRFS info (device loop1): using free-space-tree [ 710.309255][ T9496] loop2: detected capacity change from 0 to 2048 [ 710.487236][ T5955] usb 3-1: USB disconnect, device number 25 [ 710.538152][ T5966] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor [ 710.546896][ T5966] usb 5-1: 2:1 : format type 0 is detected, processed as PCM [ 710.677801][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 710.683993][ T7824] BTRFS info (device loop1): last unmount of filesystem 2aa597e7-b220-4110-a833-f0e334fa53b2 [ 710.685970][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 [ 710.742264][ T4722] usb 1-1: new high-speed USB device number 48 using dummy_hcd [ 710.786735][ T5966] usb 5-1: USB disconnect, device number 14 [ 710.998121][ T4722] usb 1-1: Using ep0 maxpacket: 16 [ 711.180351][ T4722] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 711.188777][ T4722] usb 1-1: config 0 has no interface number 0 [ 711.197221][ T4722] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 711.444806][ T4722] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 711.454371][ T4722] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 711.462852][ T4722] usb 1-1: Product: syz [ 711.467271][ T4722] usb 1-1: SerialNumber: syz [ 711.534335][ T4722] usb 1-1: config 0 descriptor?? [ 711.604547][ T4722] cm109 1-1:0.8: invalid payload size 160, expected 4 [ 711.614171][ T4722] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input19 [ 711.882555][ T29] audit: type=1804 audit(1717028727.804:45): pid=9545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir4105278253/syzkaller.y1cX1s/142/file1" dev="sda1" ino=1965 res=1 errno=0 [ 712.313458][ T9531] loop0: detected capacity change from 0 to 2048 [ 712.489763][ T9531] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 712.534156][ T9531] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 712.542855][ T9531] UDF-fs: Scanning with blocksize 512 failed [ 712.753511][ T5085] Bluetooth: hci2: command 0x0406 tx timeout [ 712.844206][ T9531] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 712.875816][ T9556] loop1: detected capacity change from 0 to 1024 [ 713.081830][ C0] cm109 1-1:0.8: cm109_urb_irq_callback: urb status -71 [ 713.101716][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 713.121777][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 713.141712][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 713.161723][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 713.178198][ T5960] usb 1-1: USB disconnect, device number 48 [ 713.184727][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 713.184854][ C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 713.213002][ T4722] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 713.392502][ T9555] loop4: detected capacity change from 0 to 32768 [ 713.411190][ T5960] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 713.526562][ T9565] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 713.560063][ T4722] usb 3-1: Using ep0 maxpacket: 32 [ 713.694720][ T9555] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 713.709055][ T9555] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 713.752916][ T4722] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 713.764294][ T4722] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 713.988488][ T9555] bcachefs (loop4): alloc_read... done [ 713.994507][ T9555] bcachefs (loop4): stripes_read... done [ 714.000545][ T9555] bcachefs (loop4): snapshots_read... done [ 714.018569][ T9555] bcachefs (loop4): journal_replay... done [ 714.024911][ T9555] bcachefs (loop4): resume_logged_ops... done [ 714.031691][ T9555] bcachefs (loop4): going read-write [ 714.063055][ T4722] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 714.072989][ T4722] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 714.082024][ T4722] usb 3-1: Product: syz [ 714.092568][ T4722] usb 3-1: Manufacturer: syz [ 714.200318][ T9555] bcachefs (loop4): done starting filesystem [ 714.272682][ T11] hfsplus: b-tree write err: -5, ino 4 [ 714.304135][ T4722] hub 3-1:4.0: USB hub found [ 714.345273][ T8290] bcachefs (loop4): shutting down [ 714.350616][ T8290] bcachefs (loop4): going read-only [ 714.356920][ T8290] bcachefs (loop4): finished waiting for writes to stop [ 714.431055][ T8290] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 714.460767][ T8290] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10 [ 714.511285][ T4722] hub 3-1:4.0: 2 ports detected [ 714.540006][ T8290] bcachefs (loop4): shutdown complete, journal seq 11 [ 714.548358][ T8290] bcachefs (loop4): marking filesystem clean [ 714.685687][ T8290] bcachefs (loop4): shutdown complete [ 714.967441][ T9585] loop1: detected capacity change from 0 to 1764 [ 715.166680][ T9557] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 715.175817][ T9557] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 715.367840][ T4722] usb 3-1: USB disconnect, device number 26 [ 715.501954][ T5966] usb 1-1: new high-speed USB device number 49 using dummy_hcd [ 715.639767][ T5960] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 715.791772][ T5966] usb 1-1: Using ep0 maxpacket: 8 [ 715.892040][ T5960] usb 4-1: Using ep0 maxpacket: 8 [ 715.914142][ T5966] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 715.924819][ T5966] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 715.939929][ T5966] usb 1-1: config 1 has no interface number 1 [ 715.948229][ T5966] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 715.959356][ T5966] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 715.972777][ T5966] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 716.094042][ T5960] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 716.104625][ T5960] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 716.114428][ T5960] usb 4-1: config 1 has no interface number 1 [ 716.120780][ T5960] usb 4-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 716.131911][ T5960] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 716.150915][ T5960] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 716.273498][ T5966] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 716.283464][ T5966] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 716.291918][ T5966] usb 1-1: Product: syz [ 716.296314][ T5966] usb 1-1: Manufacturer: syz [ 716.301146][ T5966] usb 1-1: SerialNumber: syz [ 716.388592][ T5960] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 716.398244][ T5960] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 716.406689][ T5960] usb 4-1: Product: syz [ 716.411079][ T5960] usb 4-1: Manufacturer: syz [ 716.416020][ T5960] usb 4-1: SerialNumber: syz [ 716.577499][ T9597] loop2: detected capacity change from 0 to 256 [ 716.697844][ T5966] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor [ 716.708656][ T5966] usb 1-1: 2:1 : format type 0 is detected, processed as PCM [ 716.918430][ T5966] usb 1-1: USB disconnect, device number 49 [ 716.963092][ T5960] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor [ 716.971204][ T5960] usb 4-1: 2:1 : format type 0 is detected, processed as PCM [ 717.211115][ T29] audit: type=1804 audit(1717028733.124:46): pid=9601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1269625548/syzkaller.YMMcXq/82/file1" dev="sda1" ino=1947 res=1 errno=0 [ 717.250177][ T5960] usb 4-1: USB disconnect, device number 26 [ 718.067808][ T9605] loop4: detected capacity change from 0 to 32768 [ 718.088915][ T9605] BTRFS: device /dev/loop4 (7:4) using temp-fsid fcc97ecd-dcf4-4d50-b5d0-1cc553fc1903 [ 718.099079][ T9605] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (9605) [ 718.102683][ T5127] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 718.157441][ T9605] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 718.168125][ T9605] BTRFS info (device loop4): using sha256 (sha256-generic) checksum algorithm [ 718.179513][ T9605] BTRFS info (device loop4): using free-space-tree [ 718.383030][ T5127] usb 3-1: device descriptor read/64, error -71 [ 718.660991][ T8290] BTRFS info (device loop4): last unmount of filesystem fcc97ecd-dcf4-4d50-b5d0-1cc553fc1903 [ 718.718909][ T5127] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 718.931929][ T5127] usb 3-1: device descriptor read/64, error -71 [ 718.979976][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 719.097194][ T5127] usb usb3-port1: attempt power cycle [ 719.272861][ T9639] netlink: 'syz-executor.1': attribute type 12 has an invalid length. [ 719.562127][ T5127] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 719.662206][ T5127] usb 3-1: device descriptor read/8, error -71 [ 719.973909][ T5127] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 720.118764][ T5127] usb 3-1: device descriptor read/8, error -71 [ 720.254274][ T5127] usb usb3-port1: unable to enumerate USB device [ 721.962518][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 722.766743][ T9682] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 723.743168][ T9696] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 724.095235][ T9705] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 724.348710][ T9709] bridge0: entered promiscuous mode [ 724.354440][ T9709] vlan2: entered promiscuous mode [ 724.360404][ T9709] vlan2: entered allmulticast mode [ 724.365904][ T9709] bridge0: entered allmulticast mode [ 724.467304][ T9709] bridge0: left allmulticast mode [ 724.473620][ T9709] bridge0: left promiscuous mode [ 724.798439][ T9719] Cannot find add_set index 0 as target [ 725.026298][ T9721] macsec0: entered promiscuous mode [ 725.032995][ T9721] macsec0: entered allmulticast mode [ 725.038504][ T9721] veth1_macvtap: entered allmulticast mode [ 725.279792][ T9726] vxcan1: tx address claim with dest, not broadcast [ 725.731473][ T9735] loop4: detected capacity change from 0 to 256 [ 726.052291][ T5955] usb 1-1: new high-speed USB device number 50 using dummy_hcd [ 726.326892][ T5955] usb 1-1: Using ep0 maxpacket: 16 [ 726.482738][ T5955] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 726.494077][ T5955] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 726.496890][ T9742] loop1: detected capacity change from 0 to 736 [ 726.504240][ T5955] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 726.504397][ T5955] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 726.536352][ T9741] loop4: detected capacity change from 0 to 164 [ 726.606358][ T5955] usb 1-1: config 0 descriptor?? [ 726.658284][ T9741] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 727.080725][ T9736] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 727.096963][ T9736] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 727.140787][ T9736] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 727.149935][ T9736] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 727.332469][ T5955] hid-generic 0003:0158:0100.000A: unknown main item tag 0x1 [ 727.340192][ T5955] hid-generic 0003:0158:0100.000A: unexpected long global item [ 727.365400][ T5955] hid-generic 0003:0158:0100.000A: probe with driver hid-generic failed with error -22 [ 727.464060][ T4722] usb 1-1: USB disconnect, device number 50 [ 727.629423][ T9753] loop4: detected capacity change from 0 to 2048 [ 727.661842][ T9755] loop2: detected capacity change from 0 to 1764 [ 727.662906][ T9753] udf: Bad value for 'anchor' [ 727.796896][ T9763] bridge0: entered promiscuous mode [ 727.802570][ T9763] vlan2: entered promiscuous mode [ 727.812430][ T9763] vlan2: entered allmulticast mode [ 727.817776][ T9763] bridge0: entered allmulticast mode [ 727.926592][ T9763] bridge0: left allmulticast mode [ 727.935349][ T9763] bridge0: left promiscuous mode [ 729.025585][ T9779] loop4: detected capacity change from 0 to 2048 [ 729.175068][ T9779] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 729.323523][ T9791] loop0: detected capacity change from 0 to 164 [ 729.487027][ T9791] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 729.645116][ T8290] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 730.377049][ T9805] loop0: detected capacity change from 0 to 1764 [ 730.575793][ T9818] bridge0: entered promiscuous mode [ 730.581374][ T9818] vlan2: entered promiscuous mode [ 730.587481][ T9818] vlan2: entered allmulticast mode [ 730.592925][ T9818] bridge0: entered allmulticast mode [ 730.724493][ T9818] bridge0: left allmulticast mode [ 730.730670][ T9818] bridge0: left promiscuous mode [ 732.717015][ T9842] loop0: detected capacity change from 0 to 164 [ 733.088132][ T9842] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 733.491541][ C1] sched: RT throttling activated [ 733.937820][ T9856] loop4: detected capacity change from 0 to 128 [ 733.980549][ T9856] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 734.102140][ T4722] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 734.563858][ T4722] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 734.581100][ T4722] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 734.596176][ T4722] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 734.606207][ T4722] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 734.683136][ T4722] usb 4-1: config 0 descriptor?? [ 735.048300][ T9871] bridge0: entered promiscuous mode [ 735.055975][ T9871] vlan2: entered promiscuous mode [ 735.063575][ T9871] vlan2: entered allmulticast mode [ 735.068914][ T9871] bridge0: entered allmulticast mode [ 735.167006][ T9871] bridge0: left allmulticast mode [ 735.173394][ T9871] bridge0: left promiscuous mode [ 735.264787][ T4722] usbhid 4-1:0.0: can't add hid device: -71 [ 735.272803][ T4722] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 735.420698][ T4722] usb 4-1: USB disconnect, device number 27 [ 735.526965][ T5084] Bluetooth: hci3: unexpected event for opcode 0x0411 [ 736.162634][ T9887] loop1: detected capacity change from 0 to 128 [ 736.219909][ T9887] VFS: Found a Xenix FS (block size = 512) on device loop1 [ 736.247450][ T9889] loop3: detected capacity change from 0 to 164 [ 736.360385][ T9889] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 736.485332][ T7824] sysv_free_block: trying to free block not in datazone [ 736.532381][ T7824] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 737.263370][ T9899] loop3: detected capacity change from 0 to 2048 [ 737.271915][ T9901] loop4: detected capacity change from 0 to 1764 [ 737.393015][ T9899] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 737.491806][ T9899] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 738.602207][ T29] audit: type=1804 audit(1717028754.374:47): pid=9911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir14087684/syzkaller.cuuhLy/77/file0/bus" dev="loop3" ino=1367 res=1 errno=0 [ 739.497453][ T9921] vlan2: entered promiscuous mode [ 739.502914][ T9921] vlan2: entered allmulticast mode [ 739.603330][ T5084] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 739.612151][ T5084] Bluetooth: hci3: Injecting HCI hardware error event [ 739.619822][ T5084] Bluetooth: hci3: hardware error 0x00 [ 741.754503][ T5084] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 742.038304][ T9961] bridge0: entered promiscuous mode [ 742.051895][ T9961] vlan2: entered promiscuous mode [ 742.058048][ T9961] vlan2: entered allmulticast mode [ 742.063558][ T9961] bridge0: entered allmulticast mode [ 742.170433][ T9961] bridge0: left allmulticast mode [ 742.177078][ T9961] bridge0: left promiscuous mode [ 743.344398][ T9983] Cannot find del_set index 0 as target [ 743.814475][ T9990] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'. [ 743.943358][ T9992] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 744.028267][ T9992] bond1: entered promiscuous mode [ 744.095835][ T9998] SET target dimension over the limit! [ 744.143723][ T9992] bond1: (slave gre1): The slave device specified does not support setting the MAC address [ 744.160787][ T9992] bond1: (slave gre1): Error -95 calling set_mac_address [ 744.346488][T10001] bond1: (slave vti0): The slave device specified does not support setting the MAC address [ 744.359802][T10001] bond1: (slave vti0): Error -95 calling set_mac_address [ 744.582867][T10007] vlan2: entered promiscuous mode [ 744.588150][T10007] vlan2: entered allmulticast mode [ 745.357570][T10016] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 745.655244][T10024] Bluetooth: MGMT ver 1.22 [ 746.133700][T10034] Cannot find add_set index 0 as target [ 746.233944][ C1] ===================================================== [ 746.241240][ C1] BUG: KMSAN: uninit-value in strnchr+0x90/0xd0 [ 746.247753][ C1] strnchr+0x90/0xd0 [ 746.251884][ C1] bpf_bprintf_prepare+0x1c2/0x23c0 [ 746.257295][ C1] bpf_trace_printk+0xec/0x3e0 [ 746.262301][ C1] ___bpf_prog_run+0x13fe/0xe0f0 [ 746.267406][ C1] __bpf_prog_run288+0xb5/0xe0 [ 746.272382][ C1] bpf_trace_run3+0x132/0x320 [ 746.277212][ C1] __bpf_trace_kmem_cache_free+0x31/0x40 [ 746.283056][ C1] kmem_cache_free+0x6e6/0xac0 [ 746.287988][ C1] __kfree_skb+0x1f8/0x250 [ 746.292681][ C1] kfree_skb_reason+0x127/0x4f0 [ 746.297696][ C1] __netif_receive_skb_core+0x55fc/0x6190 [ 746.303674][ C1] __netif_receive_skb+0xca/0xa00 [ 746.308867][ C1] process_backlog+0x480/0x8b0 [ 746.313876][ C1] __napi_poll+0xe7/0x980 [ 746.318367][ C1] net_rx_action+0x89d/0x1820 [ 746.323275][ C1] handle_softirqs+0x1d8/0x810 [ 746.328209][ C1] __irq_exit_rcu+0x68/0x120 [ 746.333024][ C1] irq_exit_rcu+0x12/0x20 [ 746.337514][ C1] sysvec_apic_timer_interrupt+0x83/0x90 [ 746.343379][ C1] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 746.349565][ C1] obj_cgroup_uncharge_pages+0x95/0x590 [ 746.355353][ C1] refill_obj_stock+0x38f/0x5d0 [ 746.360379][ C1] obj_cgroup_uncharge+0x26/0x30 [ 746.365537][ C1] __memcg_slab_free_hook+0x216/0x560 [ 746.371088][ C1] kmem_cache_free+0x55d/0xac0 [ 746.376045][ C1] __sk_destruct+0x6fb/0xb70 [ 746.380865][ C1] __sk_free+0x6de/0x760 [ 746.385326][ C1] sk_free+0x70/0xc0 [ 746.389383][ C1] tcp_close+0xfc/0x150 [ 746.393766][ C1] inet_release+0x2a3/0x380 [ 746.398445][ C1] inet6_release+0x7b/0xe0 [ 746.403061][ C1] sock_close+0xd6/0x2d0 [ 746.407531][ C1] __fput+0x6a1/0x10c0 [ 746.411808][ C1] __fput_sync+0x74/0x90 [ 746.416207][ C1] __se_sys_close+0x290/0x4d0 [ 746.421201][ C1] __x64_sys_close+0x48/0x60 [ 746.426049][ C1] x64_sys_call+0x2c48/0x3b50 [ 746.431100][ C1] do_syscall_64+0xcf/0x1e0 [ 746.435869][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 746.442029][ C1] [ 746.444436][ C1] Local variable stack created at: [ 746.449638][ C1] __bpf_prog_run288+0x45/0xe0 [ 746.454638][ C1] bpf_trace_run3+0x132/0x320 [ 746.459467][ C1] [ 746.461945][ C1] CPU: 1 PID: 8337 Comm: syz-executor.3 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 746.472140][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 746.482384][ C1] ===================================================== [ 746.489417][ C1] Disabling lock debugging due to kernel taint [ 746.495729][ C1] Kernel panic - not syncing: kmsan.panic set ... [ 746.502234][ C1] CPU: 1 PID: 8337 Comm: syz-executor.3 Tainted: G B 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 746.513811][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 746.523965][ C1] Call Trace: [ 746.527317][ C1] [ 746.530226][ C1] dump_stack_lvl+0x216/0x2d0 [ 746.535051][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 746.540998][ C1] dump_stack+0x1e/0x30 [ 746.545287][ C1] panic+0x4e2/0xcd0 [ 746.549343][ C1] ? kmsan_get_metadata+0xf1/0x1d0 [ 746.554712][ C1] kmsan_report+0x2d5/0x2e0 [ 746.559366][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 746.564721][ C1] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 746.571180][ C1] ? __msan_warning+0x95/0x120 [ 746.576073][ C1] ? strnchr+0x90/0xd0 [ 746.580292][ C1] ? bpf_bprintf_prepare+0x1c2/0x23c0 [ 746.585827][ C1] ? bpf_trace_printk+0xec/0x3e0 [ 746.590933][ C1] ? ___bpf_prog_run+0x13fe/0xe0f0 [ 746.596188][ C1] ? __bpf_prog_run288+0xb5/0xe0 [ 746.601260][ C1] ? bpf_trace_run3+0x132/0x320 [ 746.606240][ C1] ? __bpf_trace_kmem_cache_free+0x31/0x40 [ 746.612187][ C1] ? kmem_cache_free+0x6e6/0xac0 [ 746.617248][ C1] ? __kfree_skb+0x1f8/0x250 [ 746.621979][ C1] ? kfree_skb_reason+0x127/0x4f0 [ 746.627131][ C1] ? __netif_receive_skb_core+0x55fc/0x6190 [ 746.633173][ C1] ? __netif_receive_skb+0xca/0xa00 [ 746.638506][ C1] ? process_backlog+0x480/0x8b0 [ 746.643585][ C1] ? __napi_poll+0xe7/0x980 [ 746.648213][ C1] ? net_rx_action+0x89d/0x1820 [ 746.653201][ C1] ? handle_softirqs+0x1d8/0x810 [ 746.658362][ C1] ? __irq_exit_rcu+0x68/0x120 [ 746.663258][ C1] ? irq_exit_rcu+0x12/0x20 [ 746.667899][ C1] ? sysvec_apic_timer_interrupt+0x83/0x90 [ 746.673876][ C1] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 746.680186][ C1] ? obj_cgroup_uncharge_pages+0x95/0x590 [ 746.686046][ C1] ? refill_obj_stock+0x38f/0x5d0 [ 746.691202][ C1] ? obj_cgroup_uncharge+0x26/0x30 [ 746.696448][ C1] ? __memcg_slab_free_hook+0x216/0x560 [ 746.702133][ C1] ? kmem_cache_free+0x55d/0xac0 [ 746.707186][ C1] ? __sk_destruct+0x6fb/0xb70 [ 746.712080][ C1] ? __sk_free+0x6de/0x760 [ 746.716622][ C1] ? sk_free+0x70/0xc0 [ 746.720811][ C1] ? tcp_close+0xfc/0x150 [ 746.725282][ C1] ? inet_release+0x2a3/0x380 [ 746.730096][ C1] ? inet6_release+0x7b/0xe0 [ 746.734806][ C1] ? sock_close+0xd6/0x2d0 [ 746.739368][ C1] ? __fput+0x6a1/0x10c0 [ 746.743735][ C1] ? __fput_sync+0x74/0x90 [ 746.748273][ C1] ? __se_sys_close+0x290/0x4d0 [ 746.753255][ C1] ? __x64_sys_close+0x48/0x60 [ 746.758146][ C1] ? x64_sys_call+0x2c48/0x3b50 [ 746.763134][ C1] ? do_syscall_64+0xcf/0x1e0 [ 746.767949][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 746.774173][ C1] ? filter_irq_stacks+0x60/0x1a0 [ 746.779358][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 746.784676][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 746.789998][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 746.795941][ C1] __msan_warning+0x95/0x120 [ 746.800645][ C1] strnchr+0x90/0xd0 [ 746.804680][ C1] bpf_bprintf_prepare+0x1c2/0x23c0 [ 746.810039][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 746.815359][ C1] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 746.821771][ C1] ? __msan_memcpy+0x108/0x1c0 [ 746.826686][ C1] bpf_trace_printk+0xec/0x3e0 [ 746.831608][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 746.836928][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 746.842871][ C1] ___bpf_prog_run+0x13fe/0xe0f0 [ 746.847954][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 746.853292][ C1] __bpf_prog_run288+0xb5/0xe0 [ 746.858198][ C1] ? filter_irq_stacks+0x60/0x1a0 [ 746.863379][ C1] ? stack_depot_save_flags+0x2c/0x6e0 [ 746.869017][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 746.874350][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 746.879672][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 746.885606][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 746.891541][ C1] ? __pfx___bpf_prog_run288+0x10/0x10 [ 746.897135][ C1] ? __pfx___bpf_prog_run288+0x10/0x10 [ 746.902727][ C1] bpf_trace_run3+0x132/0x320 [ 746.907532][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 746.913467][ C1] ? __kfree_skb+0x1f8/0x250 [ 746.918186][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 746.923508][ C1] ? __kfree_skb+0x1f8/0x250 [ 746.928225][ C1] __bpf_trace_kmem_cache_free+0x31/0x40 [ 746.933991][ C1] kmem_cache_free+0x6e6/0xac0 [ 746.938868][ C1] ? kmsan_report+0x2a0/0x2e0 [ 746.943662][ C1] ? __kfree_skb+0x1f8/0x250 [ 746.948376][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 746.953703][ C1] __kfree_skb+0x1f8/0x250 [ 746.958242][ C1] ? __netif_receive_skb_core+0x55fc/0x6190 [ 746.964280][ C1] kfree_skb_reason+0x127/0x4f0 [ 746.969268][ C1] __netif_receive_skb_core+0x55fc/0x6190 [ 746.975128][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 746.981060][ C1] ? __netif_receive_skb+0x95/0xa00 [ 746.986397][ C1] ? filter_irq_stacks+0x60/0x1a0 [ 746.991589][ C1] ? stack_depot_save_flags+0x2c/0x6e0 [ 746.997167][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 747.002503][ C1] __netif_receive_skb+0xca/0xa00 [ 747.007662][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 747.012984][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 747.018944][ C1] ? __rcu_read_lock+0x46/0x70 [ 747.023851][ C1] process_backlog+0x480/0x8b0 [ 747.028777][ C1] ? __pfx_process_backlog+0x10/0x10 [ 747.034216][ C1] __napi_poll+0xe7/0x980 [ 747.038674][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 747.044002][ C1] net_rx_action+0x89d/0x1820 [ 747.048820][ C1] ? rcu_core+0x1ab4/0x1e70 [ 747.053453][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 747.058707][ C1] handle_softirqs+0x1d8/0x810 [ 747.063627][ C1] __irq_exit_rcu+0x68/0x120 [ 747.068350][ C1] irq_exit_rcu+0x12/0x20 [ 747.072804][ C1] sysvec_apic_timer_interrupt+0x83/0x90 [ 747.078583][ C1] [ 747.081579][ C1] [ 747.084577][ C1] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 747.090723][ C1] RIP: 0010:obj_cgroup_uncharge_pages+0x95/0x590 [ 747.097206][ C1] Code: 00 00 4c 89 65 c0 49 8d 5c 24 10 e8 c5 6b 3e ff 4d 89 fc 4d 85 ff 0f 85 36 01 00 00 4c 8b 3b 48 89 df e8 4e 22 f6 ff 48 8b 18 <8b> 02 89 45 b0 45 89 fe 41 83 e6 03 f6 c3 03 74 0f 89 d8 f7 d0 44 [ 747.116952][ C1] RSP: 0018:ffff88802cf07868 EFLAGS: 00000286 [ 747.123130][ C1] RAX: ffff888027f00010 RBX: 0000000000000000 RCX: 0000000028300010 [ 747.131203][ C1] RDX: ffff888028300010 RSI: ffff88813fff9050 RDI: ffff888028700010 [ 747.139282][ C1] RBP: ffff88802cf078c8 R08: ffffea000000000f R09: 0000000000000000 [ 747.147354][ C1] R10: ffff88802c707800 R11: 0000000000000000 R12: 0000000000000000 [ 747.155420][ C1] R13: ffff8880287ebfd0 R14: ffff888028700054 R15: 0000487ec004abb8 [ 747.163512][ C1] ? obj_cgroup_uncharge_pages+0x92/0x590 [ 747.169379][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 747.175317][ C1] refill_obj_stock+0x38f/0x5d0 [ 747.180311][ C1] obj_cgroup_uncharge+0x26/0x30 [ 747.185386][ C1] __memcg_slab_free_hook+0x216/0x560 [ 747.190917][ C1] kmem_cache_free+0x55d/0xac0 [ 747.195797][ C1] ? __sk_destruct+0x6fb/0xb70 [ 747.200705][ C1] __sk_destruct+0x6fb/0xb70 [ 747.205435][ C1] __sk_free+0x6de/0x760 [ 747.209817][ C1] sk_free+0x70/0xc0 [ 747.213843][ C1] tcp_close+0xfc/0x150 [ 747.218144][ C1] ? __pfx_tcp_close+0x10/0x10 [ 747.223043][ C1] inet_release+0x2a3/0x380 [ 747.227694][ C1] inet6_release+0x7b/0xe0 [ 747.232230][ C1] ? __pfx_inet6_release+0x10/0x10 [ 747.237465][ C1] sock_close+0xd6/0x2d0 [ 747.241859][ C1] ? __pfx_sock_close+0x10/0x10 [ 747.246863][ C1] __fput+0x6a1/0x10c0 [ 747.251110][ C1] __fput_sync+0x74/0x90 [ 747.255507][ C1] __se_sys_close+0x290/0x4d0 [ 747.260358][ C1] __x64_sys_close+0x48/0x60 [ 747.265104][ C1] x64_sys_call+0x2c48/0x3b50 [ 747.269950][ C1] do_syscall_64+0xcf/0x1e0 [ 747.274610][ C1] ? clear_bhb_loop+0x25/0x80 [ 747.279436][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 747.285484][ C1] RIP: 0033:0x7faa61e7bdda [ 747.290005][ C1] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 03 7f 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 63 7f 02 00 8b 44 24 [ 747.309753][ C1] RSP: 002b:00007fffa22ba130 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 747.318291][ C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007faa61e7bdda [ 747.326366][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 747.334424][ C1] RBP: 00007fffa22ba1ac R08: 00000000000003b8 R09: 0079746972756365 [ 747.342496][ C1] R10: 00007faa61f846a0 R11: 0000000000000293 R12: 0000000000000032 [ 747.350562][ C1] R13: 00000000000b61fc R14: 00000000000b60d6 R15: 0000000000000004 [ 747.358644][ C1] [ 748.731737][ C1] Shutting down cpus with NMI [ 748.736761][ C1] Kernel Offset: disabled [ 748.741146][ C1] Rebooting in 86400 seconds..